New FBI alert: in-person data theft and extortion happening now

The bad guys are at it again! This week, the FBI issued a new warning about a cybercriminal group called Silent Ransom Group, or SRG, that’s been targeting law firms with a mix of phishing, fake IT support calls and even in-person visits.

The scam usually starts with a phone call or phishing email from the attacker pretending to be from IT support. They may tell an you there’s a problem with your computer, an issue with an email or something that needs to be fixed right away. Next they'll try to convince you to start a remote desktop session so that they can take over your computer.

Here’s where things get interesting. If the remote desktop attempt doesn’t work, the FBI says the attackers may send someone to your physical location for IT support. That person may try to plug in a USB drive into your computer which then takes it over and allows them to steal your data. What's scary is that the IT person might just be a freelancer and not even know that they're working for the bad guys!

After your data is stolen, SRG uses it for extortion. They may send a ransom email threatening to sell or publish the stolen files and even call employees, clients or business contacts to pressure your company into paying up.

The Takeaway

This week's flash alert follows a May 2025 FBI private industry notification warning that the same extortion gang has been targeting U.S. law firms for almost 2 years. While these warning are focused on law firms, the lesson applies to every business. These attackers are getting better at looking, sounding and acting legitimate. Here are a few simple ways to protect yourself:

1. Be cautious when anyone asks for access to your computer. If someone calls, emails, or shows up claiming to be from IT, don’t feel pressured to act immediately. Real IT support should be able to verify who they are. Use a known phone number, ticketing system, or trusted contact to confirm the request before giving anyone remote access.
   

2. Don’t install remote access tools unless IT verifies it first. Attackers often use legitimate tools like remote desktop software because those tools don’t always look suspicious to antivirus software. If someone asks you to install or open a remote support tool, stop and verify it first. If you're currently using our Total Security solution, we keep an eye on this for you.
   

3. Never let an unexpected visitor plug anything into your computer. If someone shows up claiming to be IT support, ask for ID, confirm they have an appointment, and verify the visit with your manager or IT provider before letting them near a computer.

The biggest takeaway is simple...slow down, verify, and don’t let urgency override common sense. If something feels off, it’s better to ask one extra question than to give an attacker access to your computer.

Share this email with friends, family, and coworkers. The more people know what to watch for, the safer our whole community becomes.

Stay safe out there.

-Attila

New Friday Funnies!

What did the tech guy say when he tripped over a computer cable?

Ow that megahertz!

Who was the most high-tech prophet?

Moses - he used a tablet.

What is do tech companies and drug dealers have in common?

They are the only 2 industries that refer to their customers as ‘users’.

Where did the tech support guy go to buy his lunch?

The URL of Sandwich.

What does a clown living in a sewer and a person working in technical support have in common?

They both are from IT.