Cybercriminals Are Now Showing Up at Office Buildings in Person

When Digital Threats Walk Through Your Door

Cybercriminals have taken social engineering to an alarming new level. The extortion group known as UNC3753 is now combining phone scams with physical office intrusions to steal sensitive data from professional services firms across the United States. This represents a significant escalation in how cyber threats operate, and it affects anyone who works in an office setting.

The Details

Here's how this sophisticated attack works. First, the criminals call employees pretending to be IT support, help desk staff, or other trusted figures. This technique is called vishing (voice phishing). During these calls, they gather information about the company's security systems, employee names, office layouts, and access procedures.

Then comes the shocking part: someone actually shows up at the physical office. Armed with information from those phone calls, the intruder poses as a legitimate contractor, IT technician, or service provider. They might wear branded clothing, carry fake credentials, or reference real employee names they learned during the vishing calls. Once inside, they access computers, plug in USB devices, or connect hardware that allows them to steal data remotely.

The group UNC3753 specifically targets professional services firms, including legal practices, consulting firms, and financial advisors. These businesses hold extremely valuable information like client records, financial data, and confidential communications. The criminals then use this stolen data for extortion, threatening to release sensitive information unless the company pays.

Who Is Affected

If you work in a professional office environment, this threat is relevant to you. Legal assistants, accountants, consultants, financial planners, and administrative staff are all potential targets. Small and mid-sized firms are particularly vulnerable because they often lack the robust security protocols of larger corporations.

Family members should also pay attention if someone in your household works at a professional services firm. A successful breach doesn't just threaten the company. It can expose personal information about employees, clients, and their families. Your medical records, financial documents, or legal matters could be compromised if your attorney's or accountant's office gets hit.

What You Should Do Right Now

1. Talk to your employer about visitor verification procedures. Ask how your workplace confirms the identity of contractors and service providers before granting building access. If there's no clear process, suggest creating one.

The Bigger Picture

This trend shows that cybercriminals are becoming more creative and persistent. They're no longer content to operate purely online. By combining digital tactics with physical intrusions, they're exploiting our natural tendency to trust people who seem official or knowledgeable. Staying informed about evolving threats like this isn't about living in fear. It's about making smart decisions that protect your family, your career, and your clients.

How GetCyberRight Can Help

Our Cyber Threat Radar tool tracks emerging threat patterns just like this one, including social engineering tactics targeting businesses. It helps families understand which threats are actively evolving and what they mean for your daily life. When you know what to watch for, you can spot warning signs before they become serious problems.