The fall season is upon us, and during this time of year we often see new trends emerge. This year is no exception, and while Business Email Compromise (“BEC”) schemes continue to make themselves known, account takeovers through use of fake websites are becoming a focal point. As we head into the holidays, we encourage heightened vigilance and safeguarding of your accounts. Here’s what you need to know about the latest account takeover trends and helpful tips to continue protecting yourself against BECs.
Fake SVB Websites
Fraudsters are always anticipating an online banking user’s habits and working to mold those habits into tangible ways to commit fraud. Recent account takeover trends are no exception to this practice. SVB and the majority of the banking industry has recently seen fraudsters take advantage of those who do not save or bookmark their online banking websites and instead use internet browsers to conduct a search for their online banking site.
How the Fraud Happens
In anticipation of an individual conducting a web search for their online banking website, fraudsters are creating fake websites with URLs and images that look like legitimate websites. They will then use paid ads on various search engines to ensure those fake websites populate first in search results.
Once a victim clicks on a fake website, they’re taken to a page that looks extremely similar to their legitimate online banking website. With that comfort in mind, a victim will likely enter their login credentials and one-time passcode expecting to login to online banking. Instead, the fraudsters are standing by to harvest the credentials and one-time passcode entered on the fake website so they can log in on the legitimate online banking page and commit fraudulent activity.
Meanwhile, the victim will often have difficulty logging in to online banking and could receive errors or even an unusual “wait” screen. The victim may also experience a large influx of spam to their email box, a move intended to prevent a victim from identifying any potential alerts or warnings from their bank that signals unusual login activity is occurring.
Best Practices for Safeguarding Against Fake Websites
- Navigate directly to the www.svb.com URL to access the online banking login page
- Save or Bookmark the SVB Online Banking login page
- Rather than navigating via search engines to SVB’s online banking login page, save or bookmark the URL to ensure you are going to the legitimate website for each login
- Recognize Irregularities at Login
- Logging into online banking should typically be a seamless process. If a hold or wait screen is being presented, which includes the below terminology, this could be a clue that something nefarious is occurring. Below are examples of known fictitious login messages associated to fake sites:
- Your case ID number is 'XXXXX '. An online banking support representative will get in touch shortly. Please provide your case ID number, and DO NOT close this page.
- Due to the updated security requirements, an additional verification procedure is required. Please have an account administrator sign in to proceed.
- We are currently working on updating our security system. You should be able to log in once the countdown timer expires. If you do not see a countdown timer, please reload the page.
- Logging into online banking should typically be a seamless process. If a hold or wait screen is being presented, which includes the below terminology, this could be a clue that something nefarious is occurring. Below are examples of known fictitious login messages associated to fake sites:
- Ensure Account and Security Alerts are Setup in Online Banking
- If other safety measures fail, ensure alerts are set up in online banking to notify you when unauthorized activities are being conducted, such as phone number modifications, user modifications, and transactional activities. If a fraudster does succeed at accessing online banking, alerts could help aid in early identification of an account takeover.
Business Email Compromise
BEC is still a very real threat and is happening daily to unsuspecting victims. BEC occurs when a fraudster sends an email request, which may appear very similar to a legitimate request, to a victim. BEC can be one of the most financially damaging frauds and it is critical SVB clients know how to spot it, report it, and stop it in its tracks.
Spotting a BEC
- Review the sender’s email address for discrepancies
- Often, fraudsters will spoof or camouflage an email address to look very similar to a legitimate email address.
- Be wary of urgent or rushed requests
- Fraudsters may use language expressing urgency to process a payment request.
- Do not click on unusual or suspicious email links
- In an attempt to hack into an email account or device, a fraudster may send an email containing a link. If clicked on, it could deploy malware, which may aid a fraudster in committing their crime.
- Reconcile accounts regularly
- While reconciliation may not “stop” a BEC from occurring, it could potentially result in less financial damage by catching the fraud activity early.
- It may be beneficial to allow multiple individuals to conduct reconciliation, ensuring any potential victims don’t overlook the unusual transactional activity.
- While reconciliation may not “stop” a BEC from occurring, it could potentially result in less financial damage by catching the fraud activity early.
- Remember: The number one thing you can do to detect a BEC is to pick up a phone and perform a callback to the individual or company requesting the payment change to validate the request. It is NOT common for large companies to change their bank account information often.
Find additional details about online fraud schemes, including business email compromise, by visiting SVB’s Fraud Prevention Center and FBI Safety Resources for BEC. SVB has also created a helpful BEC Training Video that can be shared with your employees to enhance fraud awareness around this prevalent scam.
Report It
If you suspect that you may be a victim of fraud, contact your Relationship Manager or clientsupport@svb.com.