FBI Warns Gmail and Outlook Users About Dangerous Ransomware Threat
Published: March 14, 2025, 10:32 a.m.
The FBI, along with the U.S. Cybersecurity and Infrastructure Security Agency (CISA), has issued an urgent warning to users of Gmail, Outlook, and other popular email services regarding a growing ransomware threat that could lead to severe financial and data losses.
Medusa Ransomware Poses a Major Risk
The alert highlights the ongoing activity of the Medusa ransomware gang, a cybercriminal organization that has been targeting individuals and businesses since 2021. According to the FBI, Medusa has evolved into an affiliate-based model, where different cyber actors work together under centralized control.
“Both Medusa developers and affiliates—referred to as ‘Medusa actors’ in this advisory—employ a double extortion model, where they encrypt victim data and threaten to publicly release exfiltrated data if a ransom is not paid,” the agency warned.
Who Is at Risk?
As of February 2025, the Medusa ransomware group has impacted over 300 victims across critical sectors, including:
- Healthcare
- Education
- Legal services
- Insurance
- Technology
- Manufacturing
How Medusa Attacks
The hackers use phishing emails—messages designed to trick users into clicking malicious links or sharing sensitive information—to gain access to victims’ systems. Additionally, they exploit unpatched software vulnerabilities, allowing them to infiltrate networks and lock down critical data. Once infected, victims are left with a devastating choice: pay a ransom or risk having their data leaked or permanently lost.
How to Protect Yourself
The FBI and CISA strongly recommend taking the following precautions to prevent falling victim to Medusa ransomware:
- Use Strong, Unique Passwords: Ensure all accounts have long, complex passwords that are not reused across multiple platforms.
- Enable Multifactor Authentication (MFA): Activate MFA for email, VPNs, and any accounts that provide access to critical systems.
- Keep Software Updated: Regularly update all operating systems, applications, and firmware to patch known vulnerabilities.
