A new ransomware scheme by the Medusa gang is targeting users of popular email services such as Gmail and Outlook. The FBI and U.S. Cybersecurity and Infrastructure Security Agency (CISA) warn that the group, active since 2021, uses a double extortion model to encrypt victim data and threaten to release it publicly unless a ransom is paid.
Medusa has impacted over 300 victims across various industries, including medical, education, and technology. The group uses phishing campaigns and exploits unpatched software vulnerabilities to gain access to systems before taking them “hostage” for a ransom.
To protect against this threat, the FBI and CISA recommend using long, unique passwords and multifactor authentication for all accounts, especially webmail, VPNs, and critical system access. Keeping operating systems, software, and firmware up to date is also crucial.
For more information on how to stay safe from this ransomware scheme, visit the recommended resources provided by the FBI and CISA.
Source: https://www.al.com/news/2025/03/fbi-issues-warning-to-all-gmail-outlook-email-users.html