Silicon Valley Bank (SVB), Signature Bank, and First Republic’s recent failures have sent shockwaves through the financial industry, with many investors worrying about the likelihood of broader trouble.

While major banks are much better capitalized than they were before the global financial crisis, these bank’s deposit base was unusually concentrated in venture-backed startups, crypto, high net-worth individuals with deposits beyond FDIC insurance levels. While these banks will be analyzed for years to come, and the FED’s role given rate hikes and flights to security will no doubt be scrutinized, the financial risk isn’t the only risk now posed by this, or the potential for other banking failures.

In this blog post, we’ll explore the cyber risks that these types of  events pose for clients of failed banks and their customers and how cyber attackers may exploit the opportunity presented by the chaos and confusion around bank shutdowns.

The Risk of Cyber Fraud

One of the biggest risks associated with a bank shutdown is cyber fraud. Cyber attackers often leverage the human element to gain access to systems and data, and compromised credentials are often the initial attack vector.

With the recent shutdown of these banks, cyber attackers may see an opportunity to target former account holders and their customers. Social engineering and phishing attacks are likely to be the main campaign of attackers, taking advantage of the chaos and changes already underway.

Phishing attacks can come in many forms, including emails that appear to be from a legitimate source, such as the original bank, the acquiring bank,  or even other financial institutions, and requests for sensitive information such as passwords, bank account information, or other personally identifiable information.

Recent Banking Failures

In recent months, there have been a number of high-profile bank failures. Silicon Valley Bank (SVB), First Republic Bank, and Signature Bank all collapsed within a few weeks of each other. These failures have raised concerns about the stability of the banking system and the safety of customer deposits.

SVB: SVB was the first bank to fail. The bank was heavily exposed to the tech industry, and when the tech sector began to falter, SVB’s customers began to withdraw their deposits. The bank was unable to meet these withdrawals and was forced to close its doors.

First Republic: First Republic was a different story. The bank was not as heavily exposed to the tech industry, but it was still hit hard by the economic downturn. First Republic’s customers began to withdraw their deposits in large numbers, and the bank was unable to meet these withdrawals. First Republic was also forced to close its doors.

Signature: Signature Bank was the third bank to fail. The bank was heavily exposed to the crypto industry, and when the crypto market crashed, Signature’s customers began to withdraw their deposits. The bank was unable to meet these withdrawals and was forced to close its doors.

There are a number of factors that contributed to these recent bank failures. One factor was the economic downturn. The economy began to slow down in late 2022, and this led to a decline in lending and investment activity. This decline in activity hurt banks, which rely on lending and investment income to generate profits.

Another factor that contributed to the bank failures was the rise of digital banking. Digital banking has made it easier for customers to open and manage bank accounts online. This has led to a decline in the number of traditional brick-and-mortar banks, which have higher costs and are less efficient than their digital counterparts.

Finally, the recent bank failures were also due to regulatory changes. In recent years, regulators have imposed stricter regulations on banks. These regulations have made it more difficult and expensive for banks to operate, which has contributed to their financial difficulties.

As a result, we are seeing a decline in consumer confidence and a decrease in lending activity. This has hurt businesses and consumers, and it has slowed down the economic recovery. The failures have also raised concerns about the stability of the banking system. If more banks fail, it could lead to a financial crisis. This is why it is important for regulators to take steps to prevent future bank failures.

How to Protect Yourself From Cyber Risks Posed By Bank Failures

Phishing, Social Engineering, Business Email Compromise (BEC), and similar attacks are all forms of fraud and involve some form of impersonation. Here are some tips to help you mitigate your risk exposure:

Be aware and informed.

Awareness is the first layer of defense against these attacks. Companies should mandate refresher phishing and BEC training for everyone who is on the front lines of a company, including customer support and finance teams.

Review and refresh your policies.

Vendors should send an email to their customers explaining the expected process for wire changes, including the timing and any necessary documentation.

Companies should implement better processes around payment changes and add another layer of manual verification or signature. Companies should also set up additional monitoring of both account activity and financial activity to quickly detect and respond to any suspicious activity.

Implement and test your monitoring protocols.

It’s also important to consider setting up additional monitoring for both account and financial activity, to prevent phishing and BEC attacks. To combat phishing, it’s recommended to implement and monitor for failed logins and MFA (multi-factor authentication) failures, especially for executive and finance accounts.

Take The Next Step In Your Risk Management Journey

The demise of these banks has raised concerns in the compliance, risk management, and data privacy community about the potential for cyber fraud and the need for additional safeguards to prevent such attacks.

Companies should be aware of the potential for social engineering and phishing attacks and implement additional monitoring of both account activity and financial activity to prevent fraud and mitigate their risk exposure.

At TalPoint, we understand that it’s often easier said than done for large organizations to prioritize compliance, risk mitigation, and data security. That’s why TalPoint has become a trusted resource to empower businesses to prepare to meet their compliance obligations, pinpoint vulnerabilities, and implement remediation strategies with confidence.

By partnering with TalPoint, you gain access to a wide range of compliance, risk management, and data privacy experts, who possess the necessary expertise to prevent potential cyber fraud within your business and protect you and your customers from financial, legal, and reputational harm.

Find out more about how to work with us here.