By Bill Toulas March 14, 2023 11:55 AM
My thoughts using Barracuda Complte Mail Protection in front of O365 or G-suite is very in expensive compared to your complet network or computers being taking down with malware.
The collapse of the Silicon Valley Bank (SVB) on March 10, 2023, has sent ripples of turbulence throughout the global financial system, but for hackers, scammers, and phishing campaigns, it’s becoming an excellent opportunity.
As multiple security researchers report, threat actors are already registering suspicious domains, conducting phishing pages, and gearing up for business email compromise (BEC) attacks.
These campaigns aim to steal money, steal account data, or infect targets with malware.
SVB going defunct
SVB was a U.S.-based commercial bank, the 16th largest in the country, and the largest bank by deposits in Silicon Valley, California.
On March 10, 2023, the bank failed after a run on its deposits. This failure was the largest of any bank since the 2007-2008 financial crisis and the second-largest in U.S. history.
This event has impacted many businesses and people in the technology, life science, healthcare, private equity, venture capital, and premium wine industries who were customers of SVB.
The chaotic situation is further worsened by the prevailing elements of urgency, uncertainty, and the significant amounts of money deposited at the bank.
Scammers jump at the opportunity
Security researcher Johannes Ulrich reported yesterday that threat actors are jumping at the opportunity, registering suspicious domains related to SVB that are very likely to be used in attacks.
Some of the examples given in a report published on the SANS ISC website include:
login-svb[.]com
svbbailout[.]com
svbcertificates[.]com
svbclaim[.]com
svbcollapse[.]com
svbdeposits[.]com
svbhelp[.]com
svblawsuit[.]com
Ulrich warned that the scammers might attempt to contact former clients of SVB to offer them a support package, legal services, loans, or other fake services relating to the bank’s collapse.
An attack already seen in the wild is from BEC threat actors who are impersonating SVB customers and telling customers that they need payments sent to a new bank account after the bank’s collapse.
However, these bank accounts belong to the threat actors, who steal payments meant to go to the legitimate company.
Cyber-intelligence firm Cyble published a similar report today exploring developing SVB-themed threats, warning about these additional domains:
svbdebt[.]com
svbclaims[.]net
svb-usdc[.]com
svb-usdc[.]net
svbi[.]io
banksvb[.]com
svbank[.]com
svblogin[.]com
Many of these sites were registered on the day of the bank’s collapse, March 10, 2023, and are already hosting cryptocurrency scams.
These scam pages tell SVB customers that the bank is distributing USDC as part of a “payback” program.
“March 13 2023 – Silicon Valley Bank is actively distributing USDC as part of the SVB USDC payback program to eligible USDC holders. USDC payouts can only be claimed once per wallet,” claims the cryptocurrency scam.
However, clicking on the site’s ‘Click here to claim’ button brings up a QR code that attempts to compromise Metamask, Exodus, and the Trust Wallet crypto wallets when scanned.
Article (https://www.bleepingcomputer.com/news/security/cybercriminals-exploit-svb-collapse-to-steal-money-and-data/)
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Axcient
“Where Service and Technical Skills Count”