When an executive at a US law firm’s phone rang in April, the voice on the other end was urgent: A computer virus was spreading through the firm.
The caller said they were from IT support and needed physical access to the lawyer’s computer because remote fixes to stop the attack weren’t working. The lawyer told his purported colleague to swing by his desk at the law firm’s office in New Jersey.
The next day, the firm’s receptionist called: The lawyer had a visitor from IT at the front desk.
“That’s when an alarm bell went off: Why would an IT person need to check in with reception?” said Leeann Nicolo, who handles incident response for cybersecurity insurance firm Coalition, which the law firm hired to investigate the incident.
The visitor ran out of the building when the lawyer approached the front desk, according to Nicolo.









