"Phishing Campaigns Use SVB Collapse to Harvest Crypto"

Security researchers at Proofpoint have uncovered several new phishing campaigns using the collapse of Silicon Valley Bank (SVB) as a lure to steal cryptocurrency.  The researchers stated that they spotted lures related to USD Coin (USDC), a digital stablecoin tied to the dollar, that was impacted by the SVB collapse.  This campaign used messages that impersonated several cryptocurrency brands, which were sent via malicious SendGrid accounts and containing SendGrid URLs.  The URLs redirected to several different domains that asked the victim to claim their crypto/redeem to USD.  The researchers noted that clicking the button would try to open a DeFi URL, so the victim would need to have a DeFi handler installed, such as MetaMask wallet.  The victim would then be lured to install a smart contract that would transfer the contents of the victim’s wallet to the attacker.  P2P payments tech firm Circle, which was exposed by the failure of SVB, announced that USDC would remain redeemable at a 1:1 rate with the dollar, sparking additional phishing campaigns.  Researchers at Cyble spotted several phishing sites impersonating Circle promoting the 1:1 deal.  Some request users scan a QR code to proceed, which results in their crypto wallet being compromised.  

Infosecurity reports: "Phishing Campaigns Use SVB Collapse to Harvest Crypto"