Potential Phishing Activity due to Recent Banking Failures
InnerCircle Client Guidance
At InnerCircle, our highest priority is the safety of our clients. Given the widespread visibility of the failures of both Silicon Valley Bank (SVB) and Signature Bank, we expect to see bad actors leverage these failures in business email compromise (BEC) attempts and/or social engineering attacks soon. Whether or not you or your organization was directly impacted by the SVB or Signature Bank failures, it’s important to exercise increased vigilance to protect from possible related compromises and fraud.
Threat actors are likely to leverage phishing emails which could contain new wire information, instructing a targeted employee to make changes for the financial gain of an attacker. Remind your employees, especially those on the finance and administration side, to avoid initiating transactions to accounts where changes have been requested via email. Any change in existing fund transfer destinations should be explicitly verified rather than immediately trusted. Verification should be accomplished by reaching out directly to a trusted contact, preferably not via email, and validating that the other party sent the request and are not being impersonated.
More generally we advise that you...
Ensure employees know how to identify a phishing email and how to report phishing attempts.
Avoid the forwarding of unvalidated messages.
Be wary of messages that create a sense of urgency and ask you to do something quickly, especially pertaining to SVB or Signature Bank.
Be cognizant that threat actors may use personal social media accounts or text messages to contact employees.
Review policies for verification of any changes to existing invoices, bank deposit information, and contact information.
Additionally, the situation presents a good opportunity to proactively inform your clients, customers, or others that you interact with around fund transfer, what the procedures are to inform your organization of on any changes to financial accounts or institutions.
How We Can Help
As a trusted advisor we aim to protect our clients with layered defenses that include both technical tools as well as consultative assistance.
While requiring protections like strong passwords and multifactor authentication is important, it’s clear that a technical approach alone isn’t enough. If you are looking to be as prepared for an incident as possible, having a regularly reviewed and updated cyber security plan is key.
Here are 5 ways our team can help ensure your organization is as cyber ready as possible:
Identify Risk – Work to identify the top security threats to your organization
Review Defenses - Review your existing cyber security policies, procedures, and employee training requirements
Assess Maturity - Determine if your existing program adequately addresses your identified top security threats
Certify Compliance - Identify whether existing protections match security expectations and comply with industry regulations
Ensure Preparedness – Organize a formal Incident Response Plan (IRP) along with a testing schedule
Should you have questions about your organization’s posture or want to discuss opportunities for improvement please reach out to us. We are here to provide you with guidance as well as effective solutions needed to protect your organization from future attacks.