How to Prevent SVB-Related Social Engineering Attacks

Silicon Valley Bank (SVB) experienced a rapid implosion last week after a historic bank run. While many are discussing the immediate financial impacts to the bank accounts — which were largely held by venture capitalists, investors, and technology business owners — and the larger impact on banking in general, it’s important to note that there will be a secondary impact.

Hackers and scammers are going to take advantage of the confusion to launch a barrage of social engineering attacks.

Who Will Be Targeted by SVB Scams?

Threat actors will be going after organizations or individuals who were customers of SVB, as well as employees of SVB. Both customers and employees are waiting to know exactly what to do and how to do it to recover funds and understand any next steps. This puts them in a vulnerable position, susceptible to following directions that under normal circumstances would be suspicious. They are unsure who will be communicating what directions to them, so they may be more likely to open any email with “SVB” in the subject line.

Even if someone is not connected directly to SVB, attacks that reference SVB are likely on their way to inboxes around the country. Hackers will disguise themselves as other banks or organizations and utilize SVB as context for why they are acting outside normal requests or practices — such as asking for personal information or prompting users to click on a link.

How Will Hackers Attack? 

The most obvious forms of attack will come through phishing emails, spoofed websites, or even malvertising ads (a new cyber attack method where malicious code is hidden in digital ads). Now is the time to be extra cautious with clicks.

Phishing emails will be the most likely attack vector, with threat actors potentially posing as SVB representatives or government entities (such as the FDIC). They may also pose as non-SVB related individuals or organizations, such as your bank or your payroll team, and tell you that due to growing concerns with SVB, they are expecting a rise in scams, so to remain secure, you need to ‘update your information.’ That kind of email is the perfect example of where you should be cautious – don’t click.

Why Will SVB-related Scams Work? 

With SVB all over the news and so much discussion surrounding how this will have a ripple effect in the broader economy, there are a lot of unknowns swirling through the general public’s minds. Threat actors will prey on these unknowns and easily create plausible stories that trick users into following their instructions. On any other normal day, most people would be suspicious if they got a call asking for specific details about their banking or personal information.

However, when a big uncertainty is looming in our minds, we don’t have a measuring stick to determine what is suspicious under new circumstances. Even if instructions go against normal safety precautions, people often accept them and follow them if they seem to be coming from a person in authority.

As a result, many people hand over sensitive information even when it goes against conventional wisdom to protect that information. 

Words From Arctic Wolf

Arctic Wolf CEO, Nick Schneider, stated recently on CNBC: 

“Any time there is change – especially change that is happening en masse across the entire industry or entire community – there are opportunities for the attacker to exploit that. And they’ll look to exploit it through phishing campaigns that have language that is similar to an email that they might expect to get from their bank, or their CFO, or their board member, or… fill in the blank.” 

How to Stay Safe Against SVB-related Scams 

There are a few steps anyone can take to make sure they don’t fall victim to a scam or accidentally expose themselves or their organization to threat actors:  

  • Maintain a healthy level of suspicion anytime you’re being asked for information, especially if SVB is mentioned.
     
  • Pay attention to who the sender is in the emails you receive. If you don’t know them or it’s a phishy email address, do not engage with them.
     
  • Double check every link before you click – especially if you are asked to login to an account. Instead of using the links provided to you, utilize links you already know and trust.
  • Pay attention everywhere you communicate. Threat actors will also attempt to launch attacks over text messages or send direct messages to personal social media accounts. Always avoid communicating through these channels.
     
  • Look out for communications that play up the urgency of the situation. Social engineers will play on any fear, frustrations, or concerns in times of crisis.
     
  • Only use official, verified channels of communication – don’t rely on a method that someone just gave to you via an unknown message. For example, don’t call SVB, or any other entity at a number that was just shared via email. Use established phone numbers that are trusted and verified.
     
  • Always verify through another communication medium before taking action. For example, call someone at a verified phone number you know is legitimate to confirm a request they sent through email.
     
  • If you see anything suspicious, report it right away.
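
Several of the checks in the list above (sender, link target, urgency cues) can also run as an automated pre-filter in a mail gateway or a report-phish workflow. The following is an added example, not part of the original article or any Arctic Wolf tooling; the allowlist, the cue list and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"fdic.gov", "example-bank.test"}  # assumption: domains verified out of band
CUES = re.compile(r"\b(svb|silicon valley bank|urgent|immediately|update your information)\b", re.I)

class Links(HTMLParser):  # collects [href, visible text] for every <a> element
    def __init__(self):
        super().__init__()
        self.found, self.inside = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.found.append([dict(attrs).get("href") or "", ""])
            self.inside = True
    def handle_data(self, data):
        if self.inside:
            self.found[-1][1] += data
    def handle_endtag(self, tag):
        self.inside = self.inside and tag != "a"

def is_trusted(host):
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def triage(raw):
    """Return findings for one single-part email (headers, blank line, body)."""
    msg = message_from_string(raw)
    text = msg.get("Subject", "") + " " + msg.get_payload()
    flags = sorted({"cue:" + c.lower() for c in CUES.findall(text)})
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not is_trusted(sender):
        flags.append("untrusted-sender:" + sender)
    parser = Links()
    parser.feed(msg.get_payload())
    for href, shown in parser.found:
        host = urlparse(href).hostname or ""
        if not is_trusted(host):
            flags.append("untrusted-link:" + host)
        m = re.search(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", shown, re.I)
        if m and m.group().lower().removeprefix("www.") != host.removeprefix("www."):
            flags.append("text-href-mismatch:" + m.group().lower())
    return flags

SAMPLE = ('From: "FDIC Claims" <help@fdic-claims.example.net>\n'  # constructed message
          'Subject: Urgent: SVB depositors must update your information\n\n'
          '<a href="http://fdic-claims.example.net/login">www.fdic.gov/claims</a>')
print(triage(SAMPLE))
```

A message with any finding is a candidate for the out-of-band verification described above, not proof of fraud; the `text-href-mismatch` finding marks a link whose visible text names one domain while the target is another.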

In addition to the above tips, security awareness training can address the current risks, evergreen threats, and future issues. Make sure your organization has security awareness training that addresses this current risk. Training that is relevant and new is needed to educate all employees about the latest potential dangers so they can avoid critical mistakes. A security awareness solution that delivers fresh, relevant content is the best for thwarting sudden threats like the ones posed by the SVB collapse.

Learn more about how social engineering attacks can impact an organization with “16 Social Engineering Attack Types.” 

Better understand how strong security awareness training can be the best defense against social engineering attacks with “The Complete Security Awareness Program Plan and Strategy Guide.” 

Arctic Wolf

Arctic Wolf provides your team with 24x7 coverage, security operations expertise, and strategically tailored security recommendations to continuously improve your overall posture.