The recent shutdown of Silicon Valley Bank (SVB) has caused a frenzy in the financial industry, with many individuals and organizations wondering about the impact of the crisis on their finances. However, amidst this chaos and confusion lies a significant opportunity for cyber attackers to exploit the situation and target SVB account holders, their customers, and suppliers.

Most cyber-attacks are successful due to social engineering, deception, and fraud, and the SVB shutdown presents a perfect opportunity for bad actors to launch phishing and fraud attacks. In fact, according to the IBM Cost of Data Breach Report 2022, compromised credentials due to phishing or fraudulent actions are the initial attack vectors in about a third of cases. Additionally, business email compromise (BEC) is the second most profitable attack type for organized cyber criminals.

With the increased stress and uncertainty surrounding the SVB shutdown, founders, CEOs, CFOs, and finance teams are more susceptible to these attacks, making it crucial for individuals and organizations to be vigilant and cautious. Attackers may use different communication channels such as email, Signal, Telegram, WhatsApp groups, and forums to launch phishing and fraud attacks.

As SVB account holders move their finances and operations to other banks, they will notify their customers of their new account details for future wires. In today’s supply chain landscape, companies work with multiple suppliers, and finance departments will be bombarded with requests about changing these accounts. This increased volume can make it far more likely to accidentally approve a malicious bank change request, especially if the threat actors are working from a compromised account with internal information they gained through a phishing attack.

To protect yourself and your organization from SVB-related attacks, it’s crucial to be aware of the telltale signs of phishing and BEC attacks. Refresher training on phishing and BEC should be mandated for everyone on the company’s front lines, including founders, C-level executives, finance departments, and customer success representatives. Vendors should also send emails to their customers explaining the expected process for wire changes, including all the expected manual verification.

See also  An RIA Guide to Deciphering Managed IT, Cybersecurity Operations, and Cyber Governance

In addition, processes around payment changes should be robust, and an extra layer of manual verification or signature should be added, at least for the next 30–60 days. Ensure that there is no way for a bank account to be changed without an actual call and human interaction with every vendor you work with.

Setting up additional monitoring for account and financial activity is also recommended. Pay extra attention to failed logins, multifactor authentication failures, and executive accounts and finance departments, as they are the most likely targets for these attacks.

If you are an SVB account holder, monitor any account change notifications from your customers and carefully check each one of them. Finance teams should set up monitoring to check every receivable account change after it has been changed. Additionally, adding a policy that does not allow for the transfer of funds to accounts that have been modified in the last 7 or 14 days can give enough time for the vendor or the auditor to notice it before any money has been wired.

While the SVB crisis presents a significant opportunity for attackers, raising awareness, implementing better processes, and undertaking tighter monitoring can prevent it from having even wider repercussions on your business. It’s crucial to be vigilant and cautious during these uncertain times to protect yourself, your organization, and your customers from cyber-attacks.

  • Be aware of the telltale signs of phishing and BEC attacks.
  • Mandate refresher phishing and BEC training for everyone who is on the front lines of the company.
  • Send emails to customers explaining the expected process for wire changes, including all the expected manual verification.
  • Make sure that processes around payment changes are robust, and add an extra layer of manual verification or signature, at least for the next 30–60 days.
  • Ensure there is no way for a bank account to be changed without an actual call and human interaction with every vendor you work with.
  • Set up additional monitoring for account and financial activity.
  • Pay extra attention to failed logins, multifactor authentication failures, and executive accounts and finance departments.
  • Monitor any account change notifications from your customers and carefully check each one of them.
  • Set up monitoring to check every receivable account change after it has been changed.
  • Add a policy that does not allow for the transfer of funds to accounts that have been modified in the last 7 or 14 days.
See also  If You’re Not Bundling XDR & Managed IT, You’re Leaving Room for Vulnerabilities

Following these steps can help protect you and your organization from phishing scams in light of the recent Silicon Valley Bank shut down.