Ransomware Campaign Uses Fake Interpol Notices to Target Small Businesses

Security Boulevard reports:

An emerging ransomware campaign is targeting small businesses with phishing emails that impersonate Interpol. The fake notices claim the recipient’s organization is under investigation for suspicious activity and that investigators have obtained information and video evidence tied to alleged criminal conduct. The lure is designed to create urgency and push the victim into opening files that appear to contain evidence.

The campaign has targeted organizations across multiple sectors, including pharmaceuticals, food, agriculture, technology, media, and legal services. Victims have been observed in the United States, Europe, Asia, and the Middle East. Bitdefender said the activity shows how relatively simple malware can still become a serious threat when paired with convincing social engineering.

The phishing emails direct victims to download a password-protected Proton Drive archive. If opened, the archive delivers ransomware disguised as a benign video file. The ransomware encrypts local systems and instructs victims to contact the attackers through the Tox peer-to-peer messaging platform to negotiate payment.

Read more at Security Boulevard.