Find notable cyber news and cases, enriched with sources, timelines, and signals.

Interpol impersonation ransomware phishing campaign targeting small businesses

Campaign
First reported
Last updated
Happening score
H score 29
1 unique sources, 1 articles

Summary

Hide ▲

A phishing campaign is using Interpol impersonation to reach small businesses across Europe, Asia, the Middle East and North America, creating a broad ransomware-delivery risk. Emails claim to come from the Cybercrime Investigation Unit and push recipients to open a supposed evidence file. The lure routes victims through a Proton Drive link and password before presenting an executable disguised as a video file. If opened, the payload can compromise systems and drive ransomware extortion through Tox contact.

Timeline

  1. 01.07.2026 03:00 2 articles · 8d ago

    Interpol impersonation phishing campaign delivers ransomware payloads

    Initial Disclosure

    Bitdefender Antispam Lab describes a phishing campaign in which cybercriminals impersonate Interpol's Cybercrime Investigation Unit to target small businesses across Europe, Asia, the Middle East and North America. The emails claim the recipient may be linked to suspicious or fraudulent activity, point to a password-protected Proton Drive file, and lead to an executable disguised as a video file that can compromise systems with ransomware; the ransom note then directs victims to contact the attackers through Tox.

    Show sources