Ransomware Scams, Fake Threats, and Compliance Struggles: Inside 2025's Cybersecurity Front Lines

Imagine receiving a handwritten letter from a hacker claiming they’ve stolen your company’s data—except they haven’t. This isn’t fiction, but a real scam circulating in 2025, where cybercriminals are getting creative to pressure victims. Cybersecurity experts are buzzing about three major trends this year: blatant extortion lies, legacy system vulnerabilities, and AI-powered phishing factories. We unpack recent interviews and reports to show you what’s happening behind the digital curtain.

1. The Rise of Fake Data Leaks and Postal Threats

Unit 42 researchers shared a bizarre case from March 2025: Executives at multiple companies received physical letters pretending to be from the BianLian ransomware group. The letters threatened data leaks, but no breaches had actually occurred. The FBI later confirmed this was a scam unrelated to real hackers—a sign of how low-effort, high-reward cons are proliferating. Attackers increasingly reuse old data or invent leaks entirely, knowing that even empty threats can trigger panic payments.

Real-world impact: One hospital received such a letter during merger talks. Though IT confirmed no breach, the scare delayed negotiations and cost $200K in crisis management—a reminder that perception often outweighs reality in cybersecurity.

2. IBM i Security: The 9-Year Unfixed Headache

Fortra’s annual IBM i Security Study for 2025 shows 77% of organizations still rank cybersecurity as a top-five concern for these legacy systems. Amy Williams, a lead analyst, compares securing IBM i environments to “repairing a plane mid-flight”—admins juggle outdated protocols and complex new threats daily. The biggest gap? Exit point monitoring. Hackers increasingly target these overlooked access points, like FTP servers, that many assume are “set and forget.”

Conversation with a pro: During a webinar, security architect Sandi Moore described a client who discovered 12,000 vulnerable exit points on their system. “They’d prioritized firewalls but forgot the backdoor keys were still under the mat,” she quipped.

3. AI Phishing Kits and the DocuSign Ploy

Hornetsecurity’s April 2025 report highlights how AI tools now generate entire phishing kits, complete with convincing DocuSign and DHL email templates. Attackers use generative AI to personalize messages at scale—like mimicking a CEO’s writing style from LinkedIn posts. One intercepted campaign used AI to create 500 unique HR “salary update” lures in under an hour.

Defense tip: “Assume every PDF or Excel attachment is guilty until proven innocent,” advises a Hornetsecurity analyst. Their data shows these file types deliver 60% of Q1’s malicious payloads.

4. Compliance vs. Reality: The Paperwork Paradox

At the Cyber Security 2025 conference in Novosibirsk, regional director Natalia Nikolaeva stressed how companies focus on checklists rather than practical safeguards. “You can have perfect software patents but zero protection against a $5 phishing toolkit,” she warned. Attendees shared stories of firms passing audits while lacking basic MFA—akin to having a burglar alarm with no batteries.

5. The Scary Simplicity of SessionShark

A new toolkit called SessionShark is bypassing Microsoft 365’s multi-factor authentication (MFA) by hijacking browser sessions. Dark Reading’s interview with cybersecurity engineers revealed how attackers sell “educational” licenses for $2,000, positioning it as a red team tool while enabling real breaches. One victim’s entire SharePoint database was siphoned through a single compromised Chrome tab.

The bottom line: From snail-mail scams to AI-driven chaos, 2025’s threats thrive on distraction and complacency. As one Unit 42 responder put it: “The best defense isn’t more tech—it’s teaching employees that sometimes, the wolf really is at the door.”

