Bank collapse drives Phishing attacks

In the wake of the collapse of Silicon Valley and Signature banks, startup founders scrambled to find ways over the weekend to meet payroll this week and phishing bandits swooped in like hyenas on a gazelle carcass. The events and attacks demonstrate the value of Zero Trust as a practice.

According to several security watchers, the criminals have been targeting not only startups affected by the bank failures, but have been reaching out to venture capitalists and banks to acquire quick bridge loans that will disappear in the dark web.

“We are seeing some phishing attempts offering loans, or pretending to be founders to financial teams,” said Grant Wernick, CEO of cybersecurity company Fletch. “We are expecting more fraud attempts this week as bad actors pretend to be companies impacted by this incident.”

While government intervention has secured funds, Wernick said Fletch sees increasing phishing increase in three areas. “First, there are people asking for bridge funding. Then there are emails from internal sources claiming to be financial officers of large companies offering help, and finally people claiming to represent banks and VC groups offering safe havens.”

Some channels scream fraud

Fletch has not been immune to such attempts. Wernick shared an offer he received from someone presenting themselves as the founder of Njord Venture Group in Quebec, Canada. However, his team red-flagged the offer because it came through a WhatsApp message.

Reaching directors of Njord proved impossible by the time this report was filed, so it is possible that the offer was legitimate, but Warnick said the channel used to reach him was not trustworthy.

According to hackcontrol.org, WhatsApp is increasingly used by fraudsters because taking control of legitimate accounts is so easy now. “Previously, WhatsApp phishing methods were a bit simpler in nature and therefore easier to see through,” said the organization’s website. But since 2019, advanced methods used by phishers increased their success rate.

While hundreds of startups at various stages were affected by the collapse, few of them were in the cybersecurity niche. Cyber Protection Magazine contacted two dozen security companies over the weekend and of them only Fletch maintained deposits in SVB and in First Republic, another bank affected by the loss of trust. Warnick said the diversification is keeping them fully active while the situation resolved over the weekend, but his priorities beginning Monday were focused on expanding that diversification.

The US and UK governments, where most of the banks affected are, took steps to ensure depositors would be made whole without the use of taxpayer funds, restoring confidence to a point. That lack of confidence can be attributed to a basic failure in due diligence on the part of depositors.

Zero Trust is not just a security technology

Ian Thornton-Trump, CISO for the UK-based Cyjax, called the moment a “hate the game not the player” in corporate finance and encouraged companies to take a Zero Trust approach not just to security but to their financial operations as well..

“It proves that the ultimate supply chain weakness may be found in the financial system and not doing due diligence on your financial partner can literally turn off the money for your entrepreneurial venture or even your established organization. It seems “trust” is in very short supply these days even from storied institutions which form the bedrock of the tech industry. What I think a lot of firms are suddenly realising is due diligence should be a two-way street, not a one-way on-ramp to the start-up money. Firms that diversified their financial services provider may weather this storm.”

That wisdom also applies to taking money from investors. One such investor, Billionaire Peter Thiel, has cemented, if not damaged his reputation with his involvement in the debacle.

Choose your partners wisely

Thiel was a big depositor in Silicon Valley Bank and could be identified as the trigger for the failure. On Thursday, Thiel pulled all of his fund money from the bank and encouraged many others to follow suit. That was the start of the run on bank funds that forced federal regulators to shutter SVB. While there is nothing illegal about what he did, but it affected his reputation in the startup and venture world.

“It’s a game to play for him,” said Wernick, talking of Thiel’s investment strategy, “and he’ll take advantage wherever possible so he can win. It could end up being a nail in the coffin for some of his potential deals, but other investors might put up with him just to be on good deals.”

Several other VCs were more descriptive of their abhorrence of the billionaire. One that preferred anonymity said, “I don’t like him. I have a ‘no assholes’ rule. The problem with Thiel is he doesn’t think.”

Supreet Singh Manchanda, founding partner of Raiven Capital was more specific though diplomatic. “He spread rumors and caused panic. That’s not good business.”

Cooler heads

Raiven was one of the dozens of VC firms signing a statement on Saturday expressing support for SVB and refusing to withdraw funds. Manchanda pointed out that they employ a diversification of deposits with several banks and encourage portfolio companies to do the same using a Certificate of Deposit Account Registry Service (CDARS) offered by many banks. CDARS will divide funds into $250,000 accounts in multiple banks to take advantage of FDIC insurance. Raiven specializes in cybersecurity and renewable energy companies.

Fletch is also a depositor in SVB, but also keeps several Treasury Bonds in First Republic. While the latter bank is also struggling with its stock, the bonds are not affected by the bank’s reputation. “We are diversifying more after this,” Wernick said, “possibly in one of the big four banks, but I’m not a fan of giving them more power.”