The collapse of Silicon Valley Bank (SVB) on March 10, 2023, has created an opportunity for hackers, scammers, and phishing campaigns to exploit the situation.
Threat actors have already begun registering suspicious domains and conducting phishing pages, as well as preparing for business email compromise (BEC) attacks. Many of these domains, such as svbcollapse.com and svbdeposits.com, were registered on the day of the bank’s collapse and are hosting cryptocurrency scams.
Scammers may also contact former clients of SVB and offer them support packages, legal services, loans, or other fake services relating to the bank’s collapse.
Cyber-intelligence firm Cyble has published a report warning about additional domains, such as banksvb.com and svblogin.com, which are already hosting cryptocurrency scams.
These scam pages tell SVB customers that the bank is distributing USDC as part of a “payback” program, but they attempt to compromise crypto wallets when clicked.
In another case, the threat actors behind cash4svb.com attempt to phish former SVB customers’ contact information and promise them a return between 65% and 85%. Peer-to-peer payments firm Circle, which manages the popular stablecoin USDC, had a cash reserve of $3.3 billion in the SVB bank. However, the SVB collapse has created uncertainty despite the firm’s assurances of USDC’s liquidity.
Former SVB customers are advised to stay calm and follow the official communication channels of the US government and the FDIC.
They should also ignore any emails from unusual domains and triple-check any requests from alleged SVB banking customers who request that they change bank account details for payments.
The best method to confirm payment changes is to reach out to the contact via phone, not email, as email accounts can be compromised during these attacks.
