Scammers are actively impersonating reporters, editors, and event staff from a major technology news publication, contacting companies under false pretenses to extract sensitive business information and potentially gain unauthorized access to corporate networks.
The volume of verification requests the publication has received from targeted companies indicates the activity is intensifying. Similar schemes are hitting other established media brands, with fraudsters exploiting the credibility of recognized news outlets to get responses from companies that would otherwise ignore cold outreach.
How the Scheme Works
The most common version involves a scammer adopting the identity of a real staff member and sending what appears to be a routine media inquiry about a company’s products, followed by a request for an introductory call. Early versions were easier to catch: recipients noticed email addresses that did not match legitimate staff credentials.
The tactics have since become more refined. More recent attempts use email address formats that mirror the publication’s actual conventions, making visual verification significantly harder. Fraudsters are also mimicking reporters’ writing styles and referencing current startup trends to make their messages look credible.
For companies that agree to phone interviews, the exposure deepens. Victims report that scammers use those calls to press for additional proprietary details. One PR professional told another outlet that suspicions arose when a person posing as a reporter shared a third-party scheduling link during the exchange.
Who Is Behind It
The precise motivation remains unconfirmed, though the most plausible explanation is that these actors are seeking initial network access or sensitive data. Former staff at Yahoo have noted that the pattern aligns with a persistent threat actor they have tracked over time, one with a history of using media impersonation to conduct account takeover attacks and data theft, with a focus on cryptocurrency, cloud, and other technology companies.
Known Fake Domains
The publication has identified a range of fraudulent domains created within recent months. None of the following are affiliated with the legitimate outlet:
- email-techcrunch[.]com
- hr-techcrunch[.]com
- interview-techcrunch[.]com
- mail-techcrunch[.]com
- media-techcrunch[.]com
- noreply-tc-techcrunch[.]com
- noreply-techcrunch[.]com
- pr-techcrunch[.]com
- techcrunch-outreach[.]com
- techcrunch-startups[.]info
- techcrunch-team[.]com
- techcrunch[.]ai
- techcrunch[.]biz[.]id
- techcrunch[.]bz
How to Verify a Media Inquiry
The publication advises any company that receives a suspicious inquiry to cross-reference the sender’s name against its official staff directory. If the name does not appear, that alone is sufficient to dismiss the outreach. If the name does match but the request does not align with that person’s actual role, the contact is likely fraudulent.
For additional confirmation, each staff member’s official biography page lists alternate contact methods. Companies can use those independently verified channels to confirm whether an inquiry is genuine before sharing any information or agreeing to a call.
The broader risk extends beyond individual companies. When scammers successfully exploit a trusted media brand’s reputation, it erodes the access and goodwill that legitimate journalists rely on to report accurately. Verification, however inconvenient, directly protects that relationship.
Photo by Nidhin Mohan on Unsplash
This article is a curated summary based on third-party sources. Source: Read the original article
