The collapse of Silicon Valley Bank (SVB) has been widely publicised in recent weeks. When this news broke, the focus was on the tech industry and its impact on businesses, especially UK tech firms. We were onsite when we heard, and immediately discussed the likely security implications of the collapse.
Criminals quickly seized the opportunity of the collapse with research suggesting several threat actors registered suspicious domains and set up webpages for phishing purposes – this indicates business email compromise (BEC) attacks. The objective of a BEC is to steal money, acquire account data or, in some cases, infect the user’s computer or infrastructure with malware.
With this objective in mind, there will most likely be attacks such as phishing emails where the criminals will impersonate former SVB employees or clients and instruct customers to forward payment details or payment to another bank account.
Awareness is key to combatting these potential threats. This is specifically to do with SVB customers. However, the message is the same for everyone: be vigilant about suspicious emails and domains that look similar to organisations you deal with, especially emails that ask for bank information or alterations to bank information. Call the person who sent the email on a number you know is theirs.