If you haven't been following the story, Silicon Valley Bank(SVB) was closed down by the California Department of Financial Protection and Innovation following a bank run that was sparked by a possible bankruptcy and a stock market meltdown. Customers of SVB will be able to access the protected portion of their accounts through the deposit insurance national bank, which has been formed by the Federal Deposit Insurance Corporation, which has been designated as the receiver.
SVB's failure on March 10 affected numerous businesses and individuals who were customers of this US-based commercial bank. The situation is rather chaotic, and a bank run has naturally ensued.
The bankrupt bank was a favoured partner for many businesses in the United States and overseas, and they are now desperately seeking other finance to keep the firm running.
As a result, these businesses have become a top target for threat actors who are taking advantage of the current scenario by engaging in a variety of destructive behaviours.
What remains a threat to the global financial system has become a potential goldmine for cybercriminals, who are using the collapse of the Silicon Valley Bank (SVB) to conduct phishing and business email compromise (BEC) attacks.
Cybersecurity researchers report that threat actors have been registering suspicious domains and trying out BEC attacks or phishing campaigns. The classic aim is, of course, to steal money and data with the help of malware. Active phishing campaigns targeting former SVB customers in the US, France, or Spain have been at an all-time high post this event.
The fact that founders, CEOs, CFOs, and finance teams are currently dealing with uncertainty and a lack of information only serves to fuel the fire of attackers. When this happens, individuals tend to let their guard down and are more susceptible to being duped by an email that provides any news (and preferably good news). Attacks like this may occur via email as well as other platforms that cater to the founders and financial communities, such as forums and groups on Signal, Telegram, and WhatsApp. Everything becomes a potential point of attack.
Obtaining access by this type of social engineering or through other, more conventional methods is simply the start of the primary effort that we anticipate to see: a sizable BEC operation that makes use of the incredible number of account changes already under way.
How can you protect yourself from SVB-related attacks?
Phishing, BEC, and related tactics are all basically fraud. They involve some type of impersonation, which motivates a victim to act (via a website, email, text message or other messaging services).
As a result, awareness serves as your first line of protection against these attacks. Potential victims will be more vigilant and be less likely to fall for such schemes if they are aware of the warning indicators to look for in these attacks.
Everyone who works directly for your business, including the founders, C-level executives, finance departments, customer success reps, etc., should be required to undergo refresher phishing and BEC training.
It's crucial to clarify how this training may stop a problem from becoming much worse. Increase awareness of potential future attacks by helping individuals recognize the difference between the genuine and bogus threats and the potential size of a breach.
Lastly, it's important to implement extra account activity (phishing) and financial activity monitoring (BEC). In terms of phishing, be careful to increase the level of awareness of any prospective phishing attacks within your SOC. Pay close attention to failed multifactor authentication (MFA), unsuccessful login attempts, etc. Executive accounts and finance departments should be given extra attention because they are the most potential targets for these attacks.