Based on historical world events such as COVID-19 and the US Election, we expect to see threat actors leverage the recent bank failures in their Business Email Compromise (BEC) and other attacks in the near future. Cyber-criminals are well organized and are known to seize opportunities when they see them. This moment presents a chance to target not only former Silvergate, SVB and Signature account holders, but also the customers that they serve, and the public at large.
We recommend you read up on these common tactics and remain vigilant in order to protect your assets.
Phishing/Social Engineering Email
Targeting personal social media accounts of employees, such as LinkedIn, where they can identify individuals working at start-ups or other affected organizations.
Know how to identify a phishing email and where to report it.
Be wary of messages that create a sense of urgency and ask you to do something quickly.
Be cognizant that threat actors may use personal social media accounts or text messages to contact you.
May use text “sms-ishing” consisting of urgent message appearing to come from a trusted company.
Attacks Based on News
At times like these, people’s guard goes down, making them more likely to fall prey to an email which contains any news at all.
Email is a primary method, but also through other media, such as Facebook, Signal / Telegram / WhatsApp groups, forums, etc.
Be wary of websites/news promising to ensure/verify your account is protected.
Do not enter you bank information in unknown websites.
Notification of Moving Bank Accounts and Wires
SVB account holders will move their finances and operations to other banks, they will notify their customers with their new account details for future wires.
Follow all procedures and verify all changes are correct with your vendors and customers.
Set up monitoring to check every receivable account change after it has been changed.
Review policies for verification of any changes to existing invoices, bank deposit information, and contact information.
Consider using a secondary channel, such as phoning the individual to verify that request.
Relief/Working Capital/Funding Fraud
Fraudulent or predatory companies are offering too good to be true funding for you or your business during this tough financial time. They might be trying to steal our personal information or your money through fees collected.
Fraudsters may illegally use government logos or reputable customer services (BBB) in their marketing materials.
Only seek funding from reputable financial services
Be diligent in understanding the terms of all credit terms extended to you or your company.
If you believe you have been party to a scam. report it to your financial institution quickly.
Submit a complaint with the FTC: FTC.gov/Complaint.
Contact your state Attorney General. You can find contact information at NAAG.org.