We have yet to see full implications of the Silicon Valley Bank’s (SVB) collapse. One thing we anticipate seeing is a rise in Business Email Compromise (BEC) attacks stemming from the incident. Many businesses have engaged or will be engaging with new banks and may need to ask clients and vendors to amend payment instructions. This will create easy targets for phishing campaigns in luring businesses into paying an unintended recipient.
Insurance wholesale distributor, RT Specialty, noted that their Cyber Threat Intelligence and Incident Response Teams have already observed an uptick in registered domains involving SVB. This indicates that phishing campaigns and BEC attacks are going to be proactively taking advantage of the recent events.
Below are helpful tips to make sure your business does not fall victim to these attacks:
Verify, Verify, Verify: Create and follow a policy which indicates that anytime a change in payment is requested by a third party (this includes payroll information from employees), a phone call must be made to verify accuracy of the information.
Educate: Educate your employees about social engineering, BEC and other cybercrimes. Provide clear instructions on how to spot fraudulent or concerning emails and what to do if fraud is suspected.
Notify: If a fraudulent payment is made, contact your bank immediately to initiate a recall and call your broker or insurance carrier for additional instructions.