The collapse of SVB has sent shockwaves throughout the financial world. The loss of billions of dollars has not only impacted the investors and customers of the bank but has also opened up a window of opportunity for cybercriminals. Phishing attacks have been on the rise since the collapse of the bank, and it is important to be aware of the dangers of such attacks.

In the case of SVB, cybercriminals are taking advantage of the confusion and panic surrounding the collapse of the bank to launch phishing attacks. These attacks may come in the form of emails or messages claiming to be from the bank or from other financial institutions, asking for personal information or offering to help customers recover their lost funds. These emails or messages may look very convincing, and may even use logos or branding that appear to be legitimate.

Inky, an email protection company, provided screenshots and indicators of compromise for a recent attack that uses the SVB collapse as a ruse and fake DocuSign emails as the attack mechanism.

A screenshot of a phishing email from a real attack that uses the SVB brand to lure customers to engage with the contents. Source: Inky

Clicking on the link would lead you to the following Microsoft login panel, which isn’t legitimate. It’s controlled by hackers. When you enter your username and password, the cybercriminals actually receive them, not Microsoft.

A screenshot of a fraudulent Microsoft login page that will steal credentials and provide them to the hacker running the site. Source: Inky

As Inky rightly points out:

“Once they have them, cybercriminals can use your harvested credentials in a number of ways including gaining access to anything from bank records to employer files, using your email to trick those close to you into surrendering important company data or banking access. Or, your credentials can be sold on the dark web.”

Phishing attacks are one of the most common forms of cyberattacks and are aimed at stealing sensitive information such as passwords, credit card numbers, and other personal data. These attacks are often disguised as legitimate emails, messages or phone calls, and are designed to trick the recipient into providing their sensitive information. Cybercriminals can use this information to carry out fraudulent activities such as identity theft, money laundering, and more.

Security vendor—Domain Tools—has published a list of domains that appear to be potential phishing domains for the SVB collapse:

A screenshot of DomainTools SecuritySnacks repository showing potentially fraudulent SVB domains. Source: TEARLINE.

Email security provider Proofpoint shared a Twitter thread on recent activity related to the collapse that attempt to steal users’ USD Coins, a cryptocurrency that is tied to the actual USD.

To protect yourself from phishing attacks, it is important to be vigilant and cautious. Here are some tips to keep in mind:

  1. Be wary of unsolicited emails or messages that ask for personal information or contain suspicious links or attachments.
  2. Always verify the legitimacy of the sender before clicking on any links or providing any personal information.
  3. Avoid clicking on links in emails or messages, instead, navigate directly to the website by typing in the URL.
  4. Keep your antivirus software up to date and run regular scans on your computer.
  5. Use strong, unique passwords for all your accounts, and enable two-factor authentication whenever possible.
  6. If you receive a suspicious email or message, report it to the relevant authorities or contact the company directly to verify its authenticity.