FBI: Get to know your IT guy – extortion crews are visiting law firms pretending to be tech support
Cybercriminals still allowed to walk into office blocks and convince staff to let them plug in their own thumb drives
The FBI is warning unsuspecting lawyers that their firms continue to be an active target for members of a longstanding extortion crew.
Silent Ransom Group has been operating since 2022, by the FBI’s reckoning, and its latest message [PDF] about the gang comes almost exactly a year after its last. The group is still targeting US law firms and their staff, and the criminals are pretending to be company IT staff.
It also warned last year that the callback phishing specialists had started physically walking into the law firms’ offices when remote social engineering attempts go south. The FBI’s latest advisory reaffirms these findings, with fresh attacks reported in Spring 2026.
Law firms should be locking up their USB ports because the extortion crew is still sending members to plug their thumb drives into the computers when they can’t convince employees to surrender remote access.
In these scenarios, they rock up to the victim they’ve tried to phish and socially engineer from behind a phone or computer screen, continue the facade of being a company IT rep, and then claim they need to image the person's device or create a backup file to assess the damage of their own phishing email.
What they’re actually doing is copying important files onto said thumb drive, which SRG will later use to extort the law firm.
The FBI didn’t say exactly how many of these in-person callouts SRG has made, but it was evidently enough to include in a fresh advisory on the group’s methods and tactics.
According to the advisory, these attacks were first reported in Spring 2026.
SRG in brief
SRG’s target industries used to be broader than just legal. The hack-and-leak group has been known to target organizations operating in various industries, but the legal sector has remained a common theme since 2023.
The FBI said in its advisory on the group last year that it believes SRG consistently targets US law firms “likely due to the highly sensitive nature of legal industry data.”













