TechCrunch says an increasing number of scammers are impersonating its reporters and events staff to approach companies, using the publication’s name to extract sensitive information. The outlet said inquiries from businesses asking whether a person “really works for you” have surged, indicating that the activity is rising again.
Impersonators Mirror Real Staff to Gain Access
TechCrunch said these schemes have involved impostors who pose as reporters and send messages that resemble standard media requests about a company’s products. In several cases, scammers used the names of actual staff members to ask for introductory calls. Some recipients have caught the fraud by noticing email addresses that do not match TechCrunch’s real employee domains.
Recently, TechCrunch says scammers have begun using addresses that mimic legitimate formatting, making detection more difficult. According to the outlet, the bad actors are also imitating reporters’ writing styles and referencing startup trends to make their messages more convincing.
Some victims told TechCrunch that fraudsters used phone interviews to gather additional proprietary information. TechCrunch also cited a PR representative who told Axios that a fake reporter raised suspicions after providing a scheduling link that seemed out of place.
Possible Motivations and Related Threat Activity
TechCrunch said it does not know why these groups are conducting the impersonations. However, former Yahoo colleagues told the outlet that the attempts resemble activity tied to a persistent threat actor known for using TechCrunch impersonation to conduct account takeover and data theft. Those attacks have targeted cryptocurrency, cloud and other technology companies using a variety of pretexts.
How Companies Can Verify Outreach
TechCrunch encouraged organizations to verify any communication that seems unusual or unfamiliar. The staff page is the fastest method to determine whether a person works for the publication. If the name is not listed, TechCrunch says the outreach is illegitimate.
If the name appears but the role does not match the nature of the request — for example, a copy editor soliciting business information — companies should treat it as suspicious.
For any borderline cases, TechCrunch advised reaching out directly to its staff through the contact information provided in official bios.
Publication Warns of Previously Used Fake Domains
TechCrunch provided a list of domains created in recent months that have been used in impersonation attempts:
email-techcrunch[.]com
hr-techcrunch[.]com
interview-techcrunch[.]com
mail-techcrunch[.]com
media-techcrunch[.]com
noreply-tc-techcrunch[.]com
noreply-techcrunch[.]com
pr-techcrunch[.]com
techcrunch-outreach[.]com
techcrunch-startups[.]info
techcrunch-team[.]com
techcrunch[.]ai
techcrunch[.]biz[.]id
techcrunch[.]bz
techcrunch[.]cc
techcrunch[.]ch
techcrunch[.]com[.]pl
techcrunch[.]gl
techcrunch[.]gs
techcrunch[.]id
techcrunch[.]it
techcrunch[.]la
techcrunch[.]lt
techcrunch[.]net[.]cn
techcrunch1[.]com
Featured image credits: DMR
For more stories like it, click the +Follow button at the top of this page to follow us.