Thank you for reading TechCrunch. We need to discuss an important and growing problem. A rising number of scammers are impersonating TechCrunch reporters, editors, and event staff. These bad actors are falsely claiming to be our employees to contact companies. They exploit our name and reputation to deceive unsuspecting businesses. This is infuriating for us and for you. We are receiving more emails asking if a contact is legitimate, which indicates these scams are currently increasing.
This issue is not unique to TechCrunch. Fraudsters are exploiting the trust associated with established news brands across the media industry to gain access to companies.
Here is a common scheme we are tracking. Impostors pose as our reporters to extract sensitive business information. In several known cases, scammers have assumed the identities of actual staff members. They craft messages that look like standard media inquiries about a company’s products and request introductory calls.
Sometimes sharp-eyed recipients catch discrepancies in email addresses. However, we are now seeing fake reporters using address conventions that closely match our own, making it harder to distinguish a real employee from an imposter. These schemes evolve quickly. Bad actors refine their tactics, mimic writing styles, and reference startup trends to make their approaches more convincing.
Equally troubling, victims who agree to phone interviews report that fraudsters use those conversations to dig for proprietary details. One PR representative noted that a person posing as a TechCrunch reporter raised suspicions by sharing a scheduling link.
Why is this happening? We do not know for certain, but a reasonable guess is that these groups seek initial access to networks or sensitive information. Former colleagues report that these attempts align with a persistent threat actor who has historically used TechCrunch impersonation to facilitate account takeovers and data theft, often targeting cryptocurrency, cloud, and other tech companies.
If someone contacts you claiming to be from TechCrunch and you have any doubt, please verify their identity. Do not take their word for it.
Start by checking our official staff page. This is the quickest way to confirm if the person works for us. If their name is not on our roster, they are not legitimate.
If the name is on our staff page, but the employee’s job role does not match the request, it may be a scam. For example, a copy editor would not typically request an in-depth business briefing.
If a request seems legitimate but you want to be certain, please contact us directly to ask. You can find contact information for our writers, editors, and other team members in their official biographies.
If you are unsure about a message, our staff list alternate communication methods in their official bio pages. Use one of those alternate methods to confirm.
We know it is frustrating to double-check media inquiries, but these groups rely on you skipping that step. By being vigilant and verifying contacts, you protect your company and help preserve the trust that legitimate journalists depend on.
For your reference, here is a list of some impersonating domains we have seen created in recent months. None are affiliated with TechCrunch:
email-techcrunch.com
hr-techcrunch.com
interview-techcrunch.com
mail-techcrunch.com
media-techcrunch.com
noreply-tc-techcrunch.com
noreply-techcrunch.com
pr-techcrunch.com
techcrunch-outreach.com
techcrunch-startups.info
techcrunch-team.com
techcrunch.ai
techcrunch.biz.id
techcrunch.bz
techcrunch.cc
techcrunch.ch
techcrunch.com.pl
techcrunch.gl
techcrunch.gs
techcrunch.id
techcrunch.it
techcrunch.la
techcrunch.lt
techcrunch.net.cn
techcrunch1.com