On Saturday March 11, I warned about the coming wave of phishing attacks that would undoubtedly follow the SVB collapse. We were not disappointed.
There is a raft of new registered domains that are SVB-related, for example login.svb[.]com and many others that will probably all be used for business email compromise (BEC) attacks.
Adi Ikan, CEO of Veriti, observed that "Phishing campaigns are leveraging SVB's recent collapse to impersonate the bank and its online services. We have observed an increase in the registration of fake phishing domains in the U.S. (88%), Spain (7%), France (3%) and Israel (2%), and we anticipate this number to grow."
INKY describes a phishing campaign that's impersonating (SVB) with phony DocuSign notifications: "Email recipients are told that the 'KYC Refresh Team' sent two malicious documents that require a signature. 'KYC' is a banking term that stands for 'Know Your Customer' or 'Know Your Client.' It's a mandatory process banks use to verify an account holder's identity.
Cyberwire Pro has a good summary. Their newsletter is a 'Stu's Warmly Recommended".
Train users about the risks. We have simulated phishing attack templates in your Current Events section with SVB-themes ready-made for you to send to your users.
Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team and LMT Technology Solutions