A business man in a suit shaking a piggy bank to collect money.

SVB Bankruptcy Fallout: Cybercriminals Targeting Users For Data Theft

The bankruptcy of Silicon Valley Bank (SVB) on March 10, 2023, has caused chaos in the global financial industry and now provides a clear chance for hackers, fraudsters, and phishing attacks.

SVB has been a favoured banking partner for a multitude of startups across the globe. The bank’s collapse is predicted to have a profound impact on this community, resulting in financial insecurity and the possibility of redundancies.

According to several security researchers, cybercriminals are already registering suspicious domains, creating phishing pages and preparing for business email compromise (BEC) attacks. The primary goal is to steal data and money.

Scammers Exploit SVB’s Bankrupt Situation

SVB was a commercial bank located in the United States and was ranked as the 16th largest bank in the country. It held the largest number of deposits of any bank in Silicon Valley, California.

The bank failed on March 10th, 2023, as a result of a significant number of deposit withdrawals. This incident represented the second-biggest bank collapse in American history and the highest since the 2007–2008 financial crisis.

Customers of SVB span a variety of industries including technology, life sciences, healthcare, private equity, venture capital, and premium wine.

Cybercriminals are taking advantage of the situation by registering fraudulent domains connected to SVB, and these domains are highly likely to be used in attacks.

Suspicious domain registrations per day
Suspicious domain registrations per day (SANS ISC)

The websites included in a SVB report are asvbcollapse[.]com, svbclaim[.]com, svbdebt[.]com, svbclaims[.]net, login-svb[.]com, svbbailout[.]com, svbi[.]io, banksvb[.]com, and svblogin[.]com.

Ulrich warned that scammers might target ex-SVB clients with fraudulent services. BEC attackers are also impersonating SVB customers and redirecting payments to their own bank accounts.

Experts have disclosed that scammers have made an effort to contact former SVB clients in an attempt to offer them fake support packages, false legal services, or loans. Customers were forced to move funds to a different bank account as a result of BEC attacks that the fraudsters continued to launch.

An example of this is a cryptocurrency scam where phishing websites have created a fraudulent USDC (digital dollar) reward program, falsely claiming that “Silicon Valley Bank is actively dispensing USDC as part of the SVB USDC program”.

SVB's Bogus Crypto Rewards Page
SVB’s Bogus Crypto Rewards Page (Cyble)

Upon clicking the ‘Click here to claim’ button on the website, a QR code is displayed. Scanning the code could result in a security breach to crypto wallets such as Metamask, Exodus, and Trust Wallet.

Adi Ikan, CEO and founder of Veriti, a security platform, informed Cybernews that there has been a significant surge in phishing campaigns targeting previous SVB customers in the United States, France, and Spain.

Ikan added:

Phishing campaigns are capitalising on SVB’s recent collapse by posing as the bank and its online services. The intent behind these campaigns is to deceive the victims into providing their account information or login credentials.

SVB-Related Attacks Across the Globe
SVB-Related Attacks Across the Globe (Veriti)

Circle, a peer-to-peer payments firm responsible for the widely used stablecoin USDC, held a cash reserve worth $3.3 billion at SVB bank. Nevertheless, SVB’s failure has generated uncertainty, despite the firm’s reassurances of USDC’s liquidity.

As a result of this confusion, a web of cryptocurrency scam sites has emerged, using similar domain names.

Phishing Circle Rewards Page
Phishing Circle Rewards Page (Cyble)

Scam sites posing as Circle are designed to steal users’ digital assets and personal data. Email phishing targeting those affected by the SVB collapse has been found by Proofpoint, an email security company.

The optimal strategy for former SVB users is to keep your composure and stick to the FDIC and The US Government’s proper procedures for interaction.

These organisations are more vulnerable to threat actor attacks in the coming days because of the bankruptcy of Silicon Valley Bank, which has impacted multiple organisations.

It is important to use caution and remain aware when approached by unknown financial institutions offering cash during such situations to avoid becoming a victim of a phishing scam.

There is no one-size-fits-all solution for preparing your organisation against significant events like SVB’s collapse and subsequent cyber-attacks. The best approach to deal with cyber events is to establish a comprehensive security program that addresses various aspects of cybersecurity, including identifying hidden threats present in files that cybercriminals commonly use.

Phishing attacks are on the rise, and it is important to protect your organisation. One effective way to do this is by increasing user awareness about these types of attacks. Phishing Tackle is a great resource that can help you in this regard. They offer a free 14-day trial to help train your users to recognise and avoid phishing attacks.

Recent posts