Inside the 3AM group’s ransomware tactics
Learn how to defend against real-world attacks
In this episode of Cyber Shorts: Inside 3AM ransomware — Tactics, tricks and how to defend, we explore how the 3AM ransomware group blends technical exploits with real-time social engineering. Discover how these hybrid attacks unfold, how they bypass traditional defences, and the practical steps your organisation can take to stay protected.
In this video, you’ll learn:
- How attackers are combining email bombing and voice phishing to carry out ransomware attacks and avoid traditional defences.
- Why tools such as Teams and Quick Assist are being utilised to gain remote access.
- What recent investigations reveal about dwell time, lateral movement, and persistence.

Inside 3AM Ransomware Tactics and How to Defend Against Real-World Attacks in 2025 | Sophos
11:57
