Scams tend to rise in any chaotic environment, and we’re already beginning to hear from clients and colleagues reports of email phishing attacks in the wake of the turmoil unfolding for several banks around the world, most notably Silicon Valley Bank and Signature Bank. These campaigns ─ targeting distracted, anxious account holders and employees ─ can take many forms, such as posing as a contact from the beleaguered institution to verify account numbers, or as a trusted advisor from a new service provider.

Phishing schemes succeed, especially during such uncertain times, when users are less vigilant about cybersecurity. Remind your employees and clients to keep these key principles top of mind.

• Do not click on links or open attachments from unknown senders.
• Validate, with your IT and security teams, the authenticity of any email presented as coming from one of the impacted banks, or any of their business partners.
• Do not share any sensitive information, such as account numbers, user credentials, etc., with anyone via email or any website/portal.
• Call the banks or financial institutions directly and verify if they are requesting any such sensitive information.
• Make sure that IT teams are monitoring all network traffic, failed login attempts, and any kind of unusual activities, and enforce multifactor authentication for all users. 

Contact

Bhavesh N. Vadhani, CISA, CRISC, CGEIT, PMP, CDPSE, Principal, Global Leader, Cybersecurity, Technology Risk, and Privacy

703.847.4418