Scammers have already started taking advantage of Silicon Valley Bank’s bankruptcy to trick people into believing they’ve also been exposed to financial risk.
All significant events trigger waves of spam, particularly when criminals can capitalize on a lack of information surrounding new major events. The more people affected by an event, the quicker the spam and other attack types will show their ugly heads.
The latest example is the devastating earthquake in Turkey which, in less than a day, generated a spam campaign targeting people who might want to donate to victims. The stunning news of one of the largest banking bankruptcies in history was bound to attract criminals.
Attackers could take multiple avenues with their spam campaigns, ranging from more simple attacks in which they convince people to click on a link or download a malicious attachment to more complex ones such as ‘Business Email Compromise’ scams.
In such BEC scams, criminals directly target company employees with specifically designed emails that exploit the SVB situation to create doubt. But before anything like that can be attempted, attackers will secure Internet domains with the SVB name, so their scheme carries more weight.
According to a SANS Internet Storm Center report, the race to register domains ready for use in attacks is already on. The list of URLs contains domains that could be used maliciously in the future, but it’s not a certainty. Also, the list is much more extensive. This is just a snippet.
Consumers and companies need to pay close attention in coming months to emails or messages that point to any kind of interaction with SVB. It’s very likely many numerous spam campaigns are already in the making, waiting to be deployed when they can cause most harm.