Your phone rings. The caller knows your name, sounds calm and professional, and says they're from your IT company. There's a small problem with your computer, nothing major, and they just need a few minutes of remote access to fix it. Helpful, right?

That call is the entire attack. No virus. No malicious attachment. No suspicious link to click. Just a friendly voice and a moment of trust, and that's exactly what makes it so dangerous.

The Group Behind the Calls

In May 2025, the FBI issued a warning about a criminal crew known as the Silent Ransom Group, also tracked under the names Luna Moth and Chatty Spider. These aren't amateurs. The group grew out of the notorious Ryuk and Conti ransomware operations, and they've refined a method that sidesteps almost every piece of security software a business might have.

Their target of choice? Law firms. Between January and May 2026, they hit dozens of organizations, and in one tracked campaign the legal sector made up over 40% of their victims. The reason is simple: law firms hold piles of sensitive, regulated information (client files, contracts, settlement details, tax records) and they tend to pay quickly to make a breach quietly disappear.

How the Scam Actually Works

The attack is a "callback phishing" scheme, and it's clever precisely because it's low-tech:

Because the victim installs the software themselves, and because that software is completely legitimate, there's almost nothing for traditional security tools to catch. The weak point isn't the computer. It's the conversation.

Why This Should Worry Small Businesses, Not Just Law Firms

It would be easy to read this and think, "I'm not a law firm, I'm fine." That's the trap.

Law firms are the headline, but the technique works on anyone. The same group has gone after accounting firms, financial advisors, and real estate offices, and the in-person version of this scam, where someone physically shows up claiming to be IT, has been flagged by the FBI too. Any office where a trusting employee might hand over computer access to a confident stranger is a target.

And the numbers around small organizations are sobering. In a survey of 500 U.S. law firms, 20% reported being targeted by a cyberattack in the past year. Smaller firms and solo practices are often the easiest marks, because they rarely have dedicated security staff to say "wait, let me verify that." The average ransomware attack now costs around $1.85 million, a number that can end a small business outright.

How to Shut This Down

The good news: because this attack relies on human trust rather than fancy malware, the defenses are mostly human too, and they're free.

Scams like this succeed in the gap between "that seems a little off" and "but I don't want to be rude." Closing that gap is exactly what a fresh set of eyes is for.

We offer a one-time review of the things that decide how badly a fake IT call could hurt you: your accounts and Multi-Factor Authentication (MFA), who holds administrator access, whether your backups actually work, and how your network and access are set up. You get a prioritized findings report you can act on. And for the moment an employee is staring at a suspicious email or an unexpected "support" call, we give you a real person to ask, with a straight answer within one business day.

Want to know where you stand? Book a free 15-minute call → We serve small businesses throughout Marion County, FL and the surrounding area.