Cybercriminals began to take advantage of the SVB (Silicon Valley Bank) bankruptcy for their own purposes. Major events and crises like this often trigger an avalanche of phishing attempts. The collapse of the SVB was the latest.
The bank, one of the key financiers of tech start-ups, with assets worth tens of billions of dollars, recently went bankrupt. The US government soon stepped in to secure customers' money. According to experts at cybersecurity company ESET, even if you or your business were not affected by such incidents, you may be at risk of cybercrime. Phishing and business email hijacking (BEC) attempts are already reaching inboxes around the world.
According to ESET experts, it is not new for scammers to use the news to increase their success rate. According to ESET Turkey Technical Manager Gürcan Şen, there are several reasons why the SVB case is more attractive and attractive:
“We're talking about a lot of money: when the SVB went bankrupt, it had an estimated US$200 billion in assets.
Customers who can't access their assets worry too much about how to pay the bills.
Confusion about how exactly customers can contact the failing bank.
The fact that the bankruptcy occurred after the collapse of Signature Bank caused even more concern about the whereabouts of funds and the health of the financial system.
SVB's global presence: It has a UK branch and several subsidiaries and offices in Europe. These expand the pool of potential scam victims.
In terms of BEC: Many SVB corporate customers are expected to inform their partners about bank account changes. In the meantime, scammers can intervene and have their own information transmitted.”
It's not uncommon to see multiple domains registered by firms looking to offer legitimate loans or services to bank's customers who have been in trouble in such events. It can be difficult to distinguish the real domain name from those taken for fraudulent purposes. There's already a long list of newly registered lookalike domains that might try to scam people.
SVB phishing attempts
As always, phishing attempts focus on classic social engineering techniques:
Using breaking news to lure buyers
Using fakes of SVB or other brands to gain buyer's trust
Creating a sense of urgency to compel buyers to act without thinking. Which is not so difficult given the circumstances of bankruptcy.
Malicious links or attachments to gather information or steal money
BEC threats
This event provides the perfect conditions for BEC attacks to flourish. Finance teams will be asked to be briefed by suppliers who have previously banked at SVB and have now changed financial institutions. As a result, they will need to update their account details. Attackers can exploit this confusion and impersonate suppliers with altered account creditor details.
How to avoid SVB and similar scams?
Phishing and BEC are becoming more and more common. The FBI Internet Crime Report 2022 reports more than 300.000 victims of phishing last year, highlighting it as the most popular form of cybercrime. BEC scammed over US$2022 billion in 2,7, making it the second highest-grossing category.
ESET Turkey Technical Manager Gürcan Şen suggested the following items to be considered in order to be protected from fraudsters.
“Email, SMS, social media, etc. Be wary of spam messages received. Try to independently verify these with the sender before deciding whether to reply.
Do not download anything from an unsolicited, unexpected message, click on any link, or provide sensitive personal information.
Watch out for grammatical errors, spelling errors, these may indicate a fake message.
Hover the mouse cursor over the email sender's display name. Check if the e-mail address looks original.
Enable two-factor authentication (2FA) for all online accounts.
Use strong and unique passwords stored in a password manager for all your accounts.
Install or turn on automatic updates for your devices regularly.
Report anything suspicious to the corporate security team.
More importantly, make sure you have up-to-date security software from a reputable manufacturer on all your devices.”