On Friday, March 10, 2023, California state regulators took possession of Silicon Valley Bank (SVB) and appointed the Federal Deposit Insurance Corporation (FDIC) as receiver. SVB was a 40-year-old commercial bank and an important lender for the tech and venture capital sector. It’s estimated that half of US venture-backed start-ups were customers of the bank.
Based on historical world events such as COVID-19 and the US Election, we expect threat actors to leverage the SVB theme in business email compromise (BEC) and social engineering attacks in the near future. Threat actors can send phishing emails that contain new banking wire information and instruct an employee to make changes that financially benefit the threat actor. Threat actors may also target employees’ social media accounts, such as LinkedIn, where they can identify individuals working at start-ups or other affected organizations.
Arctic Wolf Labs has multiple detections in place for suspicious activity on email accounts associated with BEC and account takeover attacks. We continue to actively monitor for tactics, techniques, and procedures (TTPs) associated with campaigns that may arise from these events.