News (US:NWSA) Fortune·2026-01-01 11:27Core Insights - The article discusses the rise of a criminal organization known as "The Com," which recruits young individuals, primarily teenagers, to conduct ransomware attacks against major corporations, exploiting their technical skills and naivety [3][4][19]. Recruitment and Operations - The Com prioritizes female candidates and offers training for inexperienced individuals, with compensation of $300 per successful call, paid in cryptocurrency [2][19]. - The organization has infiltrated U.S. and UK companies with a combined market cap exceeding $1 trillion, targeting around 120 companies, including well-known brands like Nike and Louis Vuitton [3][4]. Tactics and Techniques - The Com employs sophisticated social engineering tactics, utilizing platforms like LinkedIn and Slack to gather information about employees and corporate structures [7][10]. - Members of the group often mimic legitimate help desk calls to extract sensitive information from employees, exploiting the asymmetry in authentication processes [11][20]. Youth Involvement and Risks - Many of the young recruits are unaware of the severe legal consequences, with some facing federal charges and significant prison sentences for their involvement [4][17]. - The article highlights that the recruitment often begins in gaming communities, where young individuals are groomed for cybercrime [15][23]. Gender Dynamics - The organization has seen an increase in female participation, which is strategically leveraged for social engineering due to societal biases that underestimate women [19][22]. - Despite the growing number of female recruits, the leadership remains predominantly male, and women are often not given opportunities for advancement within the organization [22]. Parental Awareness and Cybersecurity - Parents often remain unaware of their children's involvement in cybercrime until law enforcement intervenes, highlighting a gap in monitoring online behavior [6][26]. - The complexity of online crimes makes it difficult for parents to recognize warning signs, necessitating a more proactive approach to cybersecurity at home [25][26].