The FBI has confirmed that Silent Ransom Group (SRG), also tracked as Luna Moth, is deploying operatives physically to law firm offices while posing as IT personnel, extending their established callback phishing operation into the physical domain. No CVE is involved; the attack chain exploits procedural gaps in physical access control and IT staff verification. Law firms are the confirmed primary target, with secondary risk to insurance, finance, and healthcare organizations handling sensitive client data.