Hi, thanks as always for reading TechCrunch. We want to talk to you quickly about something important.
A growing number of scammers impersonate TechCrunch reporters and event leaders and approach companies, pretending to be our staff when they absolutely aren’t. These bad actors use our name and reputation to try to defraud unsuspecting businesses. It’s driving us crazy and pissing us off on your behalf. Waterless and flowing. Judging by the increased number of emails we receive, we ask, “Does this person really work for you?” seems to be happening more actively right now.
Anecdotally, this doesn’t just happen to us. Fraudsters are taking advantage of the trust that comes from established news brands to get their foot in the door with companies across the media industry.
Here’s an example of the most common scheme we monitor: Fraudsters impersonating our journalists to extract sensitive business information from unsuspecting targets. In several cases we know of, scammers have impersonated real staff members, creating what looks like a standard media survey about a company’s products and asking for an introductory call.
Sharp-eyed recipients sometimes spot discrepancies in email addresses that don’t match the credentials of our real employees (see a list of fake email addresses below). But more recently, they are hearing from fake reporters who claim to have management deals that do match ours, making it difficult to identify a TechCrunch employee from someone else they claim to be. Indeed, systems evolve rapidly. Bad actors continue to refine their tactics, mimic the writing style of reporters, and cite startup trends to make their pitches more and more persuasive. Equally worrying, victims who agree to phone interviews tell us that scammers are using these exchanges to seek even more proprietary details. A PR representative Axios said that someone posing as a TechCrunch reporter raised suspicions when he shared a programming link.
Why do they do this? We don’t know, although a reasonable guess is that these are groups seeking initial access to a network or other sensitive information. In fact, former colleagues at Yahoo say these efforts align with a persistent threat actor they’ve been tracking, which has historically engaged in impersonating TechCrunch to facilitate account takeover (ATO) and data theft, targeting cryptocurrency, cloud and other tech companies using various guises.
As for what to do about it, if someone reaches out claiming to be from TechCrunch and you have even the slightest doubt that it’s legit, please don’t take their word for it. We make it easy for you to verify.
Get started by checking out the TechCrunch staff page. It’s the fastest way to see if the person contacting you actually works here. If the person’s name is not on our roster, you have your answer there.
If you see someone’s name on our staff page, but the employee’s job description doesn’t match the request you’re receiving (eg, a TechCrunch copy editor is suddenly very interested in learning about your business!), a bad actor may be trying to scam you.
If it sounds like a legitimate request, but you want to be doubly sure, you should also contact us directly and just ask. You can find out how to reach every writer, editor, sales executive, marketing guru and event team member in our resume.
We know it’s frustrating to have to double-check media inquiries, but these teams count on you not having to go that extra step. By being vigilant about verification, you’re not just protecting your own company—you’re also helping to maintain the trust that legitimate journalists depend on to do their jobs.
Thank you. And for your future reference, here’s a list of some of the TechCrunch impersonation domains we’ve seen pop up over the past few months:
email-techcrunch[.]com
hr-techcrunch[.]com
interview-techcrunch[.]com
mail-techcrunch[.]com
media-techcrunch[.]com
noreply-tc-techcrunch[.]com
noreply-techcrunch[.]com
pr-techcrunch[.]com
techcrunch-outreach[.]com
techcrunch-startups[.]information
techcrunch-group[.]com
techcrunch[.]All included
techcrunch[.]biz[.]identity
techcrunch[.]bz
techcrunch[.]cc
techcrunch[.]chap
techcrunch[.]com[.]pl
techcrunch[.]gl
techcrunch[.]gs
techcrunch[.]identity
techcrunch[.]the
techcrunch[.]la
techcrunch[.]Lt
techcrunch[.]net[.]cn
techcrunch1[.]com
