Earlier this month, it was all over the headlines. Silicon Valley Bank (SVB), the 16th largest in the US, had collapsed.
It all started when the bank announced that it was raising capital and had sold a massive amount of securities at a loss. The bank’s customers panicked, and as a result SVB received a tremendous wave of deposit withdrawal requests, amounting to the unfathomable sum of $42 billion.
When SVB couldn’t raise the cash to cover these requests, regulators stepped in to close the bank and the US Federal Deposit Insurance Corporation (FDIC) took control.
Where there is vulnerability there is fraud
As we have seen in the past, where there is turmoil and uncertainty, payment fraud runs wild. And the case of SVB is no exception.
In fact, we’re already seeing cybercriminals leveraging the Silicon Valley Bank name to launch payment fraud attacks and cash in. Cybersecurity analysts are picking up on dozens of SVB-inspired activities every day, with hackers buying multiple SVB related domains for use in phishing attacks, for example.
And that’s just the tip of the iceberg.
Indeed, fraudsters are always on the alert, ready to take advantage of situations where there is vulnerability and a sense of urgency, where people are distracted and overwhelmed, so they can launch a payment fraud attack. And, with companies having experienced a 211% increase in such fraud in 2022 over 2021, this should come as no surprise.
In the case of SVB, there is great vulnerability resulting from the fact that all of their former customers are now forced to take their business elsewhere. To do so, they need to communicate to their clients and partners that payments should now be sent to a new bank account.
These requests constitute a most fertile ground for payment fraud.
The many paths to payment fraud
To achieve their goals, fraudsters use very sophisticated means and technologies to hijack payment-related communications. For example, they can launch business email compromise (BEC) attacks, in which they assume the identity of SVB executives, suppliers, or finance related employees.
Then, through deception tactics such as SVB domain or display-name spoofing, they reach out to finance employees involved with payment processing and trick them into diverting payments to fraudulent accounts, instead of to the new bank that has replaced SVB.
Sometimes they also use deepfake voice cloning, which, when coupled with phone number spoofing, can be very effective in getting unsuspecting employees to change bank details to the ones that are associated with their own accounts.
This tactic involves taking a voice recording of a real person and using AI technology to cause the voice of the fraudster to sound like that of the real person.
The great burden on the finance team
We foresee that in the coming weeks and months, finance teams, who are already under severe pressures, will be asked to deal with more and more bank account change requests as a result of the SVB fiasco. This will make it incumbent upon them to determine in near real time whether or not the requests are valid.
Yet fraudsters, who are impersonating vendors who need to switch from SVB to a new bank, will have the upper hand if these teams are not well-equipped and ready for the challenge.
Moreover, former SVB client companies will want to make sure that only their real bank details make it to their customers and that fraudsters don’t manipulate the data whether in transit as they are being communicated, nor once they’re in their customers’ systems.
Is recognizing the warning signs enough?
One might think that such fraud can be prevented if finance staff is aware of the email subject lines that are typically associated with SVB-related attacks, such as:
- We’ve changed our bank details
- Updated bank account information
- Important – bank account details change
But in the hustle and bustle of a busy and stressful workday, we can’t be sure that everyone will always be on the lookout.
Same goes for relying on making the team aware of SVB-related hyperlinks that have been identified as spoofed, including:
Unfortunately, we can’t expect that everyone on the AP and AR teams will detect subject lines that are suspect and hyperlinks that are malicious.
Bottom line, without having the right anti-payment fraud technology in place, the attack will most likely be successful. And if it is, the damage can run in the millions.
How nsKnox can help
nsKnox can you help you prevent SVB-related (and other types of) payment fraud attacks and avoid the damage.
With the PaymentKnox™ payment security platform you can:
- Share your bank account details with the fraud-proof nsKnox Bank Account Certificate, which is accessible through your branded portal, and which replaces outdated bank letters and void checks for confirming the ownership of an account.
- Protect your payment master data and infrastructure with an automated and highly secure verification process that ensures the integrity of master payee data, and that the data is current, accurate, and compatible with your organization’s payment policy.
- Prevent payment file manipulation, whether by external or internal fraud actor, prior to sending the file to the bank or ACH for payment.
- Register and secure all your bank accounts, including those of affiliates, on the nsKnox PaymentKnox portal, so every customer can validate your account information before they make a payment.
- Verify all supplier and partner bank accounts with a unique combination of advanced technologies, rigorous validation techniques, and public and private database searches during onboarding and when they change accounts, to secure all outgoing payments.
This way, you and your finance team can ensure end-to-end protection against B2B payments fraud, and beat fraudsters at their own game.
To learn how PaymentKnox can help you prevent SVB-related and any other kind of payment fraud, we invite you to reach out to us at firstname.lastname@example.org