[Heads Up] The SVB Bankruptcy Is A Social Engineering Bonanza



JasperArt_2023-03-11_10.15.24_3Saturday March 11, 2023 -- Over the last 24 hours, the Federal Deposit Insurance Corporation has established the FDIC Bank of Santa Clara and insured depositors will have access to funds no later than Monday morning. 
 
Online banking services are expected to be restored over the weekend and customers will be able to transfer funds out of SVB—possibly up to the insured limit—to start. No details have been provided thus far as to the status of accounts held in SVB foreign affiliates. We’re only beginning to see the impact of Silicon Valley Bank’s implosion, there will be widespread ripple effects.
 
If your organization has credit cards with SVB, charges on these cards are apparently declined. Per an FDIC FAQ, all Lines of Credit will be permanently frozen as of closing on March 10, 2023.  This may very well cause temporary operational interruptions for many organizations as they are trying to source a replacement card program ASAP.
 
This type of process can take several weeks, as orgs reach out to other direct card vendors (Amex/Mastercard) to apply for a corporate card that will serve as a travel and purchasing card to minimize travel (booking flights) and shipping disruptions. Many orgs will choose to have employees use their personal credit cards to book travel until a new permanent solution is installed. 
 
Apart from all kinds of press announcements, there will be a flurry of corporate communications, orgs scrambling to get their employees to their destinations, and various confusions during the fog of clearing this up.  You will see messaging about:
  1. Communication to employees that their credit card is no longer active and to use their personal cards to fund reimbursable expenses. 
  2. Customers using SVB cards to remit payment will be contacted and directed to use another bank's card or to send payment in another form.
  3. Organizations will start to look at mission critical vendors and reach out to their Account Manager to determine the impact on their business. Vendors with concentrated banking operations at SVB may experience operational downtime that could impact production.
This largest bank run in history (in terms of withdrawals) poses a high risk for social engineering
 
Silicon Valley Bank's customers withdrew $42 billion from their accounts on Thursday. That's $4.2 billion an hour, or more than $1 million per second for ten hours straight. To put that in context, the previous largest bank run in modern U.S. history took place at Washington Mutual bank in 2008, and totaled $16.7 billion over the course of 10 days. That's a mere trickle in comparison to what was seen at SVB.

By Friday morning the amount of cash left in SVB's coffers was negative, to the tune of $958 million. SVB was insolvent. No bank can withstand that kind of outflow in a single day — especially when a similar-sized outflow was all but certain the following day. That's why SVB was taken over by the FDIC.
 
Unfortunately, the angles of attack are almost limitless, here are a few of the obvious ones:
  • Orgs receiving "rush" communication from multiple sources (Vendors, Banks, Customers).
  • Cybercriminals claiming to be SVB or the FDIC attempting to take advantage of untrained employees who have access to their Company's funds, AP registry, or customer accounts, or possible offers to help with "covering payroll".
  • Communication from vendors with instructions to discontinue payment to accounts linked to SVB and to wait for further direction regarding banking details.
  • Employees receiving emails that their corporate credit cards no longer work and "sign up for a new one here".
  • Customers asking for refunds, with details for a new bank account. 
The list goes on. It is important to understand that panic is contagious. It would be smart to update employees worldwide to keep a very sharp eye out for anything SVB related, and any suspicious activity should be reported right away to the right people in the organization. In the same vein, there will be a significant amount of social media exposure, with the resulting disinformation, misinformation, and clickbait. Warn your users to be very careful with those as well and not to forward anything that is not fact-checked. 
 
Let's stay safe out there.
 
Stu
 
PS: BTW, if you’re wondering how long it can take to sort out a collapsed megabank, here’s one from the Bloomberg archives: The Last of Lehman Brothers. Hint, they are still working on it 15 years later.
 
3/13/2023 UPDATE:  FED Backstops SVB and Signature Bank. Article at WSJ.

Get Your CEO Fraud Prevention Manual

CEO-Fraud-Prevention-Manual-WP-FannedCEO fraud has ruined the careers of many executives and loyal employees, causing over $26 billion in losses. Don’t be the next victim. This manual provides a thorough overview of how executives are compromised, how to prevent such an attack and what to do if you become a victim.

Get Your Manual

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/ceo-fraud-prevention-manual



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews