Experts Blog

What are the Cybersecurity-Related Implications and Impacts?

Silicon Valley Bank (SVB) was shuttered early this month and had its deposits seized in the largest U.S. bank failure since the 2008 financial crisis. Once the 16^th largest lender in the United States, SVB’s failure makes it the second largest ever such institutional collapse. The ramifications could be far-reaching. Already there are concerns that start-ups may not be able to pay employees in the days and weeks ahead.

Although it may seem like SVB’s collapse will only impact its direct customers and depositors, it is far more complicated than that. Vendors of the failed bank – whose holdings are now managed by the Federal Deposit Insurance Corporation (FDIC) – may also soon feel the impacts of the Santa Clara-based bank’s collapse and subsequent takeover by financial regulators. Like vultures to roadkill, cyber scammers often wait to exploit and target victims after tragedy strikes, or bad news arises. A perfect storm of stress, uncertainty, and urgency for customers and vendors alike during this time can impair someone’s judgement when they click links and open emails they otherwise would ignore or delete.

Below, Fortalice has outlined a few different ways cybercriminals social engineer their victims during times of extreme distress and insecurity. Now, more than ever, is a time to stand guard, stay aware, trust your gut, and remain one step ahead of the bad guys.

Cyber Attack Methods

Unregistered Domain Names

Since news of the collapse broke, cybersecurity firms have been monitoring the registrations of SVB-related domains and the vendors of SVB customers because cyber criminals could use these SVB-related domains to launch phishing attacks. Listed below are some suspicious domains that emerged after March 10, 2023:

• svbcollapse[.]com
• svbclaim[.]com
• svbdebt[.]com
• svbclaims[.]net
• login-svb[.]com
• svbbailout[.]com
• svb-usdc[.]com
• svb-usdc[.]net
• svbi[.]io
• banksvb[.]com
• svbank[.]com
• svblogin[.]com

Business Email Compromise (BEC)

Cybercriminals will undoubtedly target SVB victims though business email compromise (BEC). Most likely, these fraudsters may pose as a trusted person to scam a victim into wiring them money.

Phishing Campaigns

There are numerous reports that cybercriminals are targeting former SVB customers in the United States, France, and Spain by impersonating the representatives of the new shuttered bank in an attempt to trick victims into divulging their account information or login credentials.

Phishing Websites

In the wake of the collapse, nefarious phishing sites have proliferated online (e.g., svp-usdc.net, circle-reserves.com) with the false promise of a USD coin (USDC) reward program. With this scam, the bad actors claim that SVB is actively distributing USDC to eligible clients as part of its own USDC payback program. The scammers are aiming to steal cryptocurrency from the victims account by offering USDC. One such scam directs the victim to click on a QR code to receive the USDC using any cryptocurrency wallet. Unbeknownst to the victim, scanning the code will compromise the user’s online wallet account.

Invoice and Payment Fraud

Employees at companies who banked with SVB should also be aware of potential internal and external impersonation attacks, such as emails purporting to be from their Chief Financial Officer, Human Resources, or an accounting specialist informing them that they need to register an online account with the company’s new bank. Other related scams my target employees in a company’s finance department with instructions on updating details regarding the company’s wiring information.

Supply Chain Compromise

Bad actors will also leverage uncertain times like these to launch another method of attack via supply chain compromise. A cybercriminal may conduct Open-Source Intelligence technology research on a SVB client to identify vendors. Once attackers have identified a vendor of an SVB client, they will try to leverage compromised accounts from vendors to launch attacks that are specifically designed to bypass your organization’s traditional email security protocols.

How to Protect Yourself

Companies all around the world are trying to navigate and decrease cybersecurity risks associated with the SVB closure. Below are some recommendations to help reduce your vulnerability during this time:

• Avoid downloading or clicking files from unknown websites.
• Refrain from opening links and email attachments before verifying the legitimacy of email.
• Educate all executives and employees on security awareness, focusing on types of cyber-attacks noted above (e.g., phishing threats and untrusted URLs).
• Invest in technology that blocks advanced email attacks before they can even be delivered.
• If the first fund transfer to a new account involves a large sum of money, transfer a small amount first, call to confirm the transaction was successful, and then transfer the remaining funds.

How Fortalice Can Help

It may be a stressful and challenging time to navigate transitioning financial institutions or understanding the situation facing Silicon Valley Bank and Signature Bank; however, Fortalice stands ready to support you:

• Social Engineering Training: Our Digital Intelligence team can provide training to employees on the dangers of social engineering, common tactics and how to avoid becoming a victim.
• Updating Incident Response Plans: Our Custom Solutions team is highly skilled in weaving policy requirements into our clients’ incident response plans, so you’ll never be concerned that your organization is missing the mark with one of the government’s latest rules or requirements.
• Test Your Incident Readiness: The Fortalice Strategic Communications team is ready to help you test out your updated IRPs through tailored tabletop exercises that fit your organization’s ever-expanding and continuously evolving security needs.
• Provide More Detailed Overview: Working together, our Custom Solutions and Strategic Communications teams can provide a more detailed analysis of the proposed new rules as well as an assessment of how each rule stands to affect your organization and its resources.

For additional information on Fortalice Solutions service offerings, contact the team via email at watchmen@fortalicesolutions.com.