FBI says Silent Ransom Group impersonates IT support to target law firms

Medical offices, financial firms, insurance companies and small businesses can face similar risks, the report said. A fake IT worker does not need a huge hacking setup if someone lets them sit down at a computer. Most people picture hackers hiding behind screens in another country, Fox News reported.

This warning flips that idea. Here, the threat may arrive with a badge, a laptop bag and a calm voice. A receptionist may think the person has an appointment. An employee may assume someone else approved the visit.

A busy manager may wave them through because the person sounds confident, the report said. Warning signs of a fake IT support scam include a surprise IT visit without a scheduled ticket, refusal to name who sent them, or requests to use a computer without supervision, Fox News reported.

Scammers often rush people so they skip normal checks and may claim a security update failed or that a machine has a problem that could affect the whole office, the report said.

The good news is that a few simple habits can make it much harder for a fake IT worker to get past the front desk, sit at a computer or walk out with sensitive files, Fox News reported. Businesses should verify every IT visit before giving access, require visible approval for outside support, and lock down USB drives and external storage where possible, the report said.

Security training should include in-person scams, not only phishing emails, and employees need to know that a friendly visitor can still be dangerous, Fox News reported.

The FBI says the Silent Ransom Group often tries to get victims to install remote desktop management tools, and businesses should monitor for new remote access software, the report said. Employees should only access files they need for their role, and businesses should track device connections, file transfers and privilege changes, Fox News reported.

A receptionist or office manager should have a written checklist for unexpected visitors that includes photo ID, company name, ticket number and approved contact, the report said.

Visitors should never wander through an office alone, and if someone shows up pretending to be IT support, report it right away to a manager, IT team and local law enforcement if needed, Fox News reported. Businesses should install trusted security software on office computers to help detect malware, ransomware and other threats if someone gets access to a machine, the report said.

The unsettling part of this FBI warning is how normal the attack looks, Fox News reported.

No dramatic break-in. No Hollywood-style hacking screen. Just someone pretending to help.