The cybercriminal group UNC3753 has perfected a combined technique of social engineering and physical access to steal data in the United States. They first make fake phone calls impersonating company employees, then obtain sensitive information and demand money in exchange. Citizens should distrust any unexpected call requesting personal data and report suspicious activities.
Physical access and impersonation techniques in cyberattacks 🔒
UNC3753 uses social engineering tools to deceive victims, combining fake calls with in-person visits to offices or homes. Attackers pose as technicians or support employees, physically accessing devices or networks. Once inside, they install malicious software or extract information from unprotected systems. This hybrid approach bypasses many traditional digital defenses, forcing companies to strengthen identity verification protocols and access controls.
The friendly technician scam that only wants your money 💸
If one day you receive a call from a supposed technician asking for your data, and then they show up at your door with a smile and a tablet, don't invite them in for coffee. UNC3753 shows that, sometimes, cybercriminals prefer to walk rather than hack. In the end, the best defense is to hang up the phone and bolt the door.