SVB Closing Brings Heightened Risk Exposure

Cyber Insurance has quickly evolved to an industry that is no longer a reactive market, but proactive.   Insureds are required to be proactively protecting themselves by having minimum controls and employee training in place that used to be seen as great protection only a couple of years ago.  This change was undoubtedly caused by the drastic influx in cyber claims which had detrimental impacts on Carriers’ loss ratios.  The increase in cyber losses was partly due to a change in technology and expansion of the threat landscape with remote working, but an often-overlooked cause was that people were simply just distracted.  With the Silicon Valley Bank (SVB) and Signature Bank closures happening, it is another reminder that Insured’s need to stay vigilant with regards to cybersecurity.

Overview

Over the past couple weeks, financial instability at banking institutions led many organizations to review their relationships and make changes where they saw fit.  These changes mean that there will be a large increase on the number of communications about banking institutions between organizations and their customers and vendors/partners.

Anytime there is communication between two parties about sending or receiving payments poses risk.  Claims for fraudulent funds transfers (FFTs) are becoming the most frequent seen by most carriers.  Since cybercriminals are aware of this, an influx in communications about banking is happening and they are ready to take full advantage.  We are already being told by certain carriers that there are a large number of new website registrations with domains that involve SVB, which could be used in phishing schemes.  It is widely known that phishing campaigns and BEC attempts take advantage of current events to social engineer victims due to the distraction.  Distraction + Urgency and Uncertainty = Easy Victims.

What Your Insured Can Proactively Do

  1. Ensure your finance team has an out of band authentication (OOBA) process established. If there is no policy, or one is lacking detail, review this Corvus article for more information: Securing Funds Transfers (Out-of-Band Authentication and Other Considerations). The following practices are recommended to be included in your process:
    1. Verify all requests to transfer payments or update payment information by calling a known phone number and speaking to a known voice.
    2. If you do not have a contact at that organization, go to the organization’s main website and call a main number on the website, asking to be routed to the accounts receivables department.
    3. Confirm receipt of a test deposit of a nominal value prior to making a bank account change for your vendor.
    4. Do not relax any security practices due to urgency by other parties — it’s better to slightly delay a payment than to send funds to a threat actor!
  2. Retrain all employees who deal with funds transfers on your company’s payment policies, including your OOBA process. During the training, alert employees to the likelihood of increased phishing attacks.
    1. Remind employees that attackers may impersonate a financial institution, a vendor, a business contact, or a colleague (particularly executives or finance personnel).
  3. Educate employees, clients, and vendors, to NEVER click on a link or attachment in an unverified email. Include BEC drills along with phishing emails and social engineering attacks in security training.
  4. Use email filtering solutions to prevent malicious emails from reaching employees’ inboxes.

If you have further questions and would like to know more about how OIA can help protect your agency from cyber threats, please visit our website or fill out our form to get started.

Success Starts Here

Sign up for our newsletter today!
  • This field is for validation purposes and should be left unchanged.