Saturday, June 28, 2025

Extortion Gang Targets Law Firms With Social Engineering Attacks


The FBI is warning that the Silent Ransom Group (SRG) is targeting law firms with IT-themed social engineering attacks and callback phishing emails.

SRG is a cybercriminal gang that demands ransoms in exchange for not leaking stolen data.

“SRG has been operating since 2022 and has primarily been known for their callback phishing emails, masquerading as well-known businesses who offer subscription plans,” the FBI explains.

“Typically, SRG phishing emails purport to charge small amounts of ‘subscription fees’ as they’re less likely to generate immediate suspicion.

In order to cancel the fake subscription, the victim is instructed to call the threat actor who emails a link which downloads remote access software giving the actor access to their device or system. Once the actor has established persistent access, the threat actors will seek to identify valuable information to exfiltrate, before sending a ransom notice to the victim threatening to share the victim’s data if a ransom is not paid.”
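A mail-filter heuristic for the lure described above, as an added example that is not from the FBI notice or the original article: it flags a message only when a subscription charge, an instruction to call in order to cancel, and a phone number appear together. The regexes, function names and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string

# Signals taken from the lure described above: a subscription charge,
# an instruction to phone in order to cancel, and a number to call.
# These patterns are illustrative assumptions, not vetted detection content.
SIGNALS = {
    "subscription_charge": re.compile(r"\b(subscription|renew(al|ed)?|auto-?renew|invoice)\b", re.I),
    "amount": re.compile(r"[$€£]\s?\d{1,4}(?:\.\d{2})?"),
    "call_to_cancel": re.compile(
        r"\b(call|phone|dial|contact)\b[^.\n]{0,80}\b(cancel|refund|dispute|stop)\b"
        r"|\b(cancel|refund|dispute|stop)\b[^.\n]{0,80}\b(call|phone|dial)\b", re.I),
    "phone_number": re.compile(
        r"(?<!\d)(?:\+?\d{1,2}[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)"),
}
REQUIRED = {"subscription_charge", "call_to_cancel", "phone_number"}

# Constructed sample messages (reserved domains, fictional 555 number).
LURE = """From: billing@example.com
To: user@example.org
Subject: Your subscription has been renewed

Your annual subscription was renewed today and $39.99 was charged to your card.
If you did not authorize this, call +1 202-555-0147 within 24 hours to cancel.
"""

BENIGN = """From: billing@example.com
To: user@example.org
Subject: Receipt

Thanks for your payment of $39.99 for your subscription.
Manage your plan in your account settings.
"""

def body_text(raw):
    """Return the concatenated text/plain parts of an RFC 5322 message."""
    msg = message_from_string(raw)
    return "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_type() == "text/plain")

def callback_signals(raw):
    """Return the names of the callback-phishing signals found in the body."""
    text = body_text(raw)
    return {name for name, rx in SIGNALS.items() if rx.search(text)}

def is_callback_lure(raw):
    """Flag only when charge, call-to-cancel and a phone number co-occur."""
    return REQUIRED <= callback_signals(raw)

if __name__ == "__main__":
    for label, raw in (("lure", LURE), ("benign", BENIGN)):
        print(label, is_callback_lure(raw), sorted(callback_signals(raw)))
```

Requiring all three signals together keeps ordinary receipts, which mention a subscription and an amount but give no number to call, out of the flagged set.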

The gang recently began impersonating IT departments to target employees, a technique that the FBI says “has been highly effective and resulted in multiple compromises.”

“As of March 2025, SRG was observed changing their tactics to calling individuals and posing as an employee from their company’s IT department,” the Bureau writes. “SRG will then direct the employee to join a remote access session, either through an email sent to them, or navigating to a web page. Once the employee grants access to their device, they’re told that work needs to be done overnight.”

The FBI offers the following advice to help organizations thwart these attacks:

  • Conduct staff training on resisting phishing attempts
  • Develop and communicate policies surrounding when and how company’s IT will authenticate themselves with employees
  • Maintain regular backups of company data
  • Implement two-factor authentication for all employees

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

The FBI has the story.


