Researchers at ReliaQuest warn that organizations should continue to be on the lookout for social engineering attacks related to Silicon Valley Bank (SVB).
“Not ones to procrastinate, cybercriminals have already begun exploiting SVB’s collapse,” the researchers write. “Phishing scams impersonating the bank have been observed targeting cryptocurrency users. Attacks have also been observed impersonating financial services companies, promising cryptocurrency users a payout because of the collapse.”
The researchers note that SVB-themed attacks will likely be more targeted, focusing on finance employees and executives at the bank’s corporate customers.
“We’ve been monitoring cybercriminal forums for reaction to the event,” the researchers write. “At the time of writing, reaction has been limited—SVB was not a retail bank, so cybercriminals are less likely to have premade phishing kits ready to impersonate SVB. However, for at least some cybercriminals, interest has been piqued: one forum user noted that the collapse leaves former customers vulnerable to targeting.”
ReliaQuest has observed chatter on criminal forums surrounding the situation, with one crook stating that this is “a good time to target the banks [sic] clients,” since they’re “probably looking to take out the money asap.” This will likely lead to business email compromise (BEC) attacks.
“In BEC attacks, threat actors impersonate, or sometimes compromise, employee email addresses to trick other employees into transferring them money,” the researchers write. “High-ranking employees, like CEOs or CFOs, are particularly likely to be impersonated. With former SVB clients currently finding new banks and conducting large-scale money transfers, they are particularly at risk.”
The researchers conclude that organizations, particularly those that have worked with SVB, should warn their employees to be on high alert for these types of attacks.
“BEC campaigns instill a sense of urgency around money transfers,” ReliaQuest explains. “They can be difficult to identify for victims, particularly when email accounts have been hijacked. Individuals responsible for making financial payments should be aware of common BEC tactics and should ensure payment requests are valid before transferring funds. Companies should inform employees of their business relationship with SVB and give employees instructions on how to verify whether emails are legitimate.”
New-school security awareness training can enable your employees to thwart targeted social engineering attacks.