FBI Alerts Law Firms: Luna Moth's Stealthy Phishing Campaign Explained
Published at : 23 Dec 2025
In this video, we delve into the recent FBI warning regarding a sophisticated phishing campaign by the cybercriminal group known as Luna Moth. This group has been actively targeting law firms since at least 2022, employing advanced social engineering tactics that leverage phone calls and phishing emails to gain unauthorized access to sensitive data.
What you’ll learn:
We will explore how Luna Moth operates, the specific tactics they use to trick victims, and the implications of their actions on the legal and financial sectors. Additionally, we’ll provide actionable steps that organizations can take to defend against these types of attacks.
The FBI's advisory highlights a concerning trend in cybercrime, particularly the shift in tactics by Luna Moth as they have begun impersonating IT department employees to gain trust and access. By using callback phishing and remote access tools, they are able to bypass traditional security measures. This video will break down these methods, providing insights into how organizations can recognize and respond to these threats.
Since its emergence, Luna Moth has been linked to various hacking campaigns, including the notorious BazarCall, which deployed ransomware like Conti. Their recent activities have shown a high tempo of attacks, particularly against U.S. law firms and financial institutions. The FBI's warning comes at a critical time, as these attacks are becoming more sophisticated and harder to detect.
We will also discuss the specific indicators of compromise that organizations should be aware of, such as unsolicited calls from supposed IT staff and suspicious emails regarding subscription services. By understanding these signs, businesses can better prepare and protect themselves from potential breaches.
As cyber threats evolve, staying informed and vigilant is crucial. This video serves as a vital resource for legal and financial professionals looking to enhance their cybersecurity posture and safeguard their sensitive information against evolving threats like Luna Moth.
Join us as we unpack the details of this ongoing cyber threat and equip your organization with the knowledge to respond effectively. Stay tuned for practical tips and insights that can help mitigate the risks associated with these types of phishing campaigns.