Exploitation of SVB collapse by cybercriminals for stealing money and data
The global financial system is in turmoil after the Silicon Valley Bank (SVB) collapsed on March 10, 2023. Hackers, scammers, and phishing campaigns are taking advantage of the situation, registering suspicious domains and conducting attacks to steal money, account data, or infect targets with malware.
SVB was the 16th largest commercial bank in the US and the largest bank in Silicon Valley. Its collapse has impacted businesses and individuals in various industries who were SVB customers, including technology, life science, healthcare, private equity, venture capital, and premium wine.
Security researchers have reported that threat actors are already registering suspicious domains related to SVB and impersonating SVB customers to steal payments meant for legitimate companies. Some of the suspicious domains include login-svb.com, svbbailout.com, svbcertificates.com, svbclaim.com, svbcollapse.com, svbdeposits.com, svbhelp.com, svblawsuit.com, svbdebt.com, svbclaims.net, svb-usdc.com, svb-usdc.net, svbi.io, banksvb.com, and svbank.com.
Cyber-intelligence firm Cyble has also identified a network of cryptocurrency scam sites using website domains like redeemed-circle.com, circle-reserves.com, circleusdcoin.com, circle-mintusdc.com, svb-circle.com, circle.web3claimer.net, and usd-circle.com.
Former SVB customers are advised to stay calm and follow official communication channels of the US government and the FDIC. They should ignore any emails from unusual domains and triple-check any requests to change bank account details for payments. It is best to confirm payment changes via phone and not email as email accounts can be compromised during these attacks.