A sophisticated threat actor has been leveraging a combination of social engineering and physical tactics to compromise high-value organizations in the United States, according to recent research from Google Mandiant and Google Threat Intelligence Group. The financially motivated campaign, which targeted dozens of professional services, legal firms, and financial institutions, demonstrates the evolving nature of cyber threats that increasingly blend digital and physical attack vectors.
Between January and May 2026, the threat group identified as UNC3753 conducted a series of meticulously planned operations across the country. Unlike typical cybercriminal groups that rely exclusively on technical exploits, UNC3753 employed vishing—voice phishing tactics