You’ve trained your employees well to avoid falling for phishing or social engineering attempts. Have you trained them on what to do when someone shows up who appears to be from your firm’s IT support? The Record reports:
A cyber extortion group linked to the now-defunct Conti ransomware syndicate is increasingly targeting U.S. law firms through a mix of phishing, fake IT support calls, and even in-person visits to steal sensitive data, according to a new FBI warning.
In a public advisory issued Tuesday, the FBI said the group, known as Silent Ransom Group (SRG), has consistently targeted U.S. law firms since 2023 using social engineering schemes to gain remote access to corporate systems and exfiltrate data.
Also tracked as Luna Moth, Chatty Spider and UNC3753, the group focuses on data theft and extortion rather than encrypting victims’ networks. Once data is stolen, the attackers threaten to publish it on their leak site or sell it unless a ransom is paid.
The latest campaign, observed this spring, involves attackers posing as internal IT personnel.
Read more at The Record.
