720-891-1663

Silicon Valley Bank Implosion is a Fraudster’s Paradise

For those not aware, Silicon Valley Bank is the go-to bank for tech startups and VCs all over the country. Until the state of California shut it down and the feds took it over. The chaos and confusion of the feds off again, on again bailout (and the sale of the UK part of the bank to HSBC) is the fodder that business email compromise attacks long for.

For any company that had money in the bank, they are under a lot of stress right now and just might click on the wrong link.

Add to that, anyone who does get all or part of their money out is going to be changing banks. That means thousands of emails to vendors and suppliers to tell them about new banking arrangements.

It would not be hard to intercept some of those emails and redirect them to bank accounts of hackers. If the hackers already had compromised the email of an executive at a supplier, now would be the perfect time to spring an attack. An email from the CFO to accounting telling them to change the bank account would be perfectly believable.

While half of the accounts at SVB were linked to VC funded companies, the other half were not, hence the fraud radius will be large.

So what to do?

Number 1, of course is awareness. That starts with this blog post

Number 2, processes. Even your cyber insurance won’t pay out if you don’t verify new account information by some OUT OF BAND method of verification. Call, yes, with a telephone, the buddy you know in accounting at the other company and verify the change.

Number 3, monitor. Monitoring both phishing activity with your system monitoring tools and financial activity with your bank monitoring tools is the next line of defense.

If you used to be an SVB customer, monitor the inbound chatter. If a vendor sends you an email to verify that the changes to payment methods were made, make sure you asked for that change.

Credit: Helpnet Security

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *