Security News > 2023 > March > SVB collapse's mix of money, urgency and uncertainty makes it irresistible to scammers

According to various researchers and security firms, threat actors are already out hunting for SVB-exposed prey through both passive and active phishing scams, including similar fake domains and business email compromise attacks.

Dean of Research at SANS Technology Institute, Johannes Ullrich clocked a rapid increase in the number of domain registrations containing the word "SVB" since the March 10th collapse.

"We also got reports that former SVB customers are sending simple emails to update their vendors with new ACH account information. Please stop that. Just a matter of time for the bad guys to spoof emails like that."

The company said it hadn't yet seen any large scale ACH campaigns utilizing the SVB brand, but that doesn't mean such schemes aren't imminent.

American cybersecurity firm Proofpoint said on Tuesday it's researchers had tracked "a campaign leveraging lures related to USD Coin, a digital stablecoin tied to USD that was impacted by the SVB collapse."

According to the firm, Once Circle, the company which issues USD Coin, announced it had cash reserves in SVB, the threat actor started spoofing the fintech company with a lure promising 1:1 USDC to USD redemption.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/03/15/rise_in_svb_related_domain/