Online or telephone IT support scams have been tricking employees into downloading or clicking on malware for years. But according to the FBI, one group that targets US-based law firms has recently found success in person, by convincing firms to allow a supposed IT support person into the building, where they insert a storage device into a victim’s computer and install malware or steal data.
This revelation comes from an FBI Flash report this week describing the activities of a gang it calls The Silent Ransom Group (SRG). Other researchers call it Luna Moth, Chatty Spider and UNC3753.
Cybersecurity experts, though, aren’t surprised that employees can be fooled into allowing a stranger to tou...