For criminals, big news creates big opportunities.
And businesses beware — the recent collapses of Silicon Valley Bank (SVB) and Signature Bank offers cybercriminals a perfect cocktail of urgency, uncertainty and money movement, creating an irresistible, golden opportunity for scammers and fraudsters to exploit.
“The phishing has been through the roof,” David Tabachnick, chief financial officer at HungerRush, told PYMNTS in a recent conversation. “So many people are calling our AP (accounts payable) department saying, ‘Here is my new account number, [transfer funds now].’”
But those calls aren’t coming from HungerRush’s SVB-banked vendors alerting the business around updates to their billing details, Tabachnick emphasizes. The CFO adds that he has done a full assessment of HungerRush’s vendors’ situation as it relates to the SVB crisis.
Instead, the calls and emails are coming from cybercriminals looking to capitalize on the ensuing confusion caused by the banking crisis — taking advantage of the need for businesses to move their operational accounts and deposits to banks while capitalizing on the fear-driven climate of the present moment with traditional behavioral-driven fraud tactics.
“You’d be shocked at how many people are trying to scam off [this situation],” Tabachnick said.
Read More: The FinTech Fraud Ripple Effect
Fraud moves fast. Businesses need to move faster.
The current situation shows how rapidly it’s possible for fraudsters to move and take advantage of any shift or crack in the landscape, particularly when their potential victims are distracted and less alert.
“Technological advances are often slow and complex, but the new types of fraud that come with those technological advances can be the opposite of that — fast and simple,” Elly Aiala, chief compliance officer (CCO) at Boost Payment Solutions, told PYMNTS Wednesday (March 22).
The banking crisis has put a fine point on enterprise risk. With the next generation of cybercriminals constantly probing for operational vulnerabilities and looking to exploit weaknesses, it’s becoming increasingly critical for businesses to adequately equip their defenses and employees by considering all possible attack vectors.
PYMNTS research in the most recent 2023 “B2B Payments Fraud Tracker,” finds that over half of business end users have experienced fraud due to faster or real-time payment offerings.
Particularly because so many software vendors that are critical to the digital economy banked with SVB, invoice verification post-collapse has only become more important as skimming, phishing, and business email compromise (BEC) attacks increase from bad actors impersonating both SVB customers and SVB officials.
Boost Payment’s Aiala says that just taking an extra second to verify the context and source of a request is critical — and startlingly effective at helping reduce enterprise vulnerability to some of the most common, behaviorally driven fraud tactics.
Read More: Persistent Fraud Has Smart Businesses Switching From Playing Defense to Offense
It’s not just startups and other businesses that cybercriminals are targeting — often, they are going straight to the source of the money: the large financial institutions serving as custodians.
The frequency and intensity of attacks has reached the point that large financial institutions with over $5 billion in assets collectively bore nearly $120 million in average fraud costs for 2022.
That’s according to “The State of Fraud and Financial Crime in the U.S.,” a PYMNTS and Featurespace collaboration, which found that 62% of large banks are dealing with increases in financial crimes.
Ninety-five percent of executives PYMNTS talked to said they consider using innovative solutions to improve fraud detection and anti-money laundering (AML) compliance a high priority.
Additional research in “The Overlooked Importance of Securing Incoming Payments,” a PYMNTS and nsKnox collaboration, revealed that more than eight out of every 10 CFOs (85%) are investing or plan to invest in digital solutions for fraud prevention and risk management.
Payment ecosystem threats whose sole purpose is to steal users’ wallets, digital assets, or personal details are increasing as consumers and businesses continue to move that information online.
Digital payments are at the heart of many financial institutions’ innovation efforts. However, the rise of digital-first payments also presents a challenge to organizations still struggling to find the right risk management solution as ongoing data breaches and social engineering scams become more sophisticated.
As PYMNTS spotlighted last month, nsKnox Chief Operating Officer Nithai Barzam and Ansys Corporate Controller Bob Bonacci say that the impact of incoming payments malfeasance can be long-lasting, destroying corporate reputations and profits over the long-term, perhaps permanently.
What is the best way for organizations to stay safe? It’s by investing in the right tools and training for themselves and their workforce.