For those who have missed out on the drama surrounding the Silicon Valley Bank, here’s a recap. The bank has been shut down by the California Department of Financial Protection and Innovation due to insolvency risk and a stock crash. The Federal Deposit Insurance Corporation(FDIC) has been named the receiver and has established a deposit insurance national bank through which SVB customers will be able to access the insured part of their deposits. The move, experts predict, will have lasting implications for the banking and startup industries.
In the aftermath, many businesses started moving their money or opening new accounts at other banks to protect their assets. Naturally, bad actors are using a chaotic atmosphere like this as a window of opportunity to strike, this time by opening fraudulent new accounts, among other modus operandis.
How Attackers Target Businesses During Bank Collapses
The collapse of a bank can cause chaos and confusion for account holders and businesses alike. During these uncertain times, financially-motivated cyber-criminals are known to seize opportunities, targeting former account holders and the customers they serve. The SVB collapse also presents a prime opportunity for cyber-criminals to launch ATOs, phishing attacks, Business Email Compromise (BEC), and other fraudulent activities that can lead to devastating financial losses. In 2022, the Internet Crime Control Centre received 21,832 BEC complaints with adjusted losses of over $2.7 billion. As fraudsters have become more sophisticated, the BEC schemes will keep evolving.
Adding to the potential for cyber-attacks is the stress and lack of information faced by founders, CEOs, CFOs, and finance teams during bank collapses. People's guards are down during times like these, making them more susceptible to phishing attacks that contain news. Cyber-attacks can come through various channels, such as email, WhatsApp and more, making everything a possible attack vector. Cybercriminals are well-organised and are known to take advantage of situations where chaos and confusion are present.
Gaining access through social engineering or traditional means is only the precursor to their primary campaign, as fraudsters unleash massive CEO fraud campaigns that take advantage of the incredible number of account changes already underway. As account holders move their finances and operations to other banks, they will notify their contacts of their new account details for future wires hence opening the scope for potential fraud.
How can Businesses protect themselves from fraudsters?
Event-oriented attacks have become increasingly common modes in recent times for fraudsters to exploit vulnerabilities. For example, the COVID-19 pandemic created new opportunities for scammers to deceive people with fake offers of vaccines, treatments, and financial support. Natural disasters, such as the wildfires in Australia, have also been exploited by fraudsters who create fake charities to collect donations for relief efforts. Even political events such as presidential campaigns have been used to trick people into donating to fake political campaigns. Fraudsters can manipulate these events to cause panic and uncertainty, creating an environment where people are more likely to make irrational decisions. Businesses must take proactive measures to protect themselves from cyber-attacks during such events. In the case of SVB collapse, with a large number of account transfers in motion, banks and fintech companies that have a flexible fraud tech stack in place will be best equipped to respond to the higher volume of fraud they will see in the coming days.
To prevent new business account fraud, there are several best practices that financial institutions can follow. Firstly, streamlining business verification and individual verification workflows can help get a complete picture of the business and its beneficial owners. As account holders move their finances and operations to other banks, they will notify their customers of their new account details for future wires. The significantly increased volume of requests makes it far more likely for businesses to approve a malicious bank change request accidentally. This becomes even easier for cyber-criminals working from a compromised account with internal information they gained through a phishing attack.
Read How to Improve Your Customer Onboarding Process?
Secondly, setting up tracking and alerting to flag fraudulent users trying to open multiple accounts, such as those who share identity elements, can be helpful. If initial data sources yield inconclusive results, routing applicants to step-up verification can provide further investigation. Additional verification steps, such as document verification, selfie verification, and phone-based verification, can be leveraged for applicants that surpass certain risk thresholds.
Device intelligence can be combined with other signals like behavioural biometrics to detect risky behaviour, such as foreign IP addresses or copying and pasting personally identifiable information.
Analysing data for trends in new accounts that are consistent with bad actors in historical data can help identify potentially fraudulent accounts. Additionally, monitoring new accounts closed during the first few months of the customer lifecycle is recommended, including implementing alerts that detect unusual activity around inflows and outflows of that new bank account, leveraging AI-based models, and validating any changes in contact information after account opening.
As the banking and startup industries respond to this shake-up, the situation may remain uncertain. Businesses must remain vigilant and take necessary steps to protect themselves from cyber-criminals looking to exploit any opportunity for financial gain.
However, there are ways to combat fraudsters and protect your business. Our services include reviewing your customer journeys to detect any suspicious accounts that have been recently onboarded. Don't hesitate to contact us for assistance.