Cybercriminals have turned their attention to smaller targets.
While large financial institutions have historically attracted the vast majority of phishing and impersonation attacks, the landscape is changing fast. Our SPOOF ’25: Community and Regional Bank Brand Impersonation Threat Report revealed a 138% increase in the number of community and regional banks targeted over the past year.
The sharp rise in impersonation attempts marks a shift in strategy. As large organizations harden their defenses, attackers now see smaller banks as accessible, high-reward targets.
Why Smaller Institutions Are at Greater Risk
The rise in attacks on mid-sized banks is fueled by new tools, such as generative AI. Fraudsters have drastically reduced the time, skills, and costs required to build a brand impersonation attack, allowing an individual to scale their operation with the same resources.
For every large national bank, there are 137 community banks, but those community banks control less than 15% of total banking assets. When fraud was more expensive to execute, targeting large banks offered the greatest return. As costs decline, fraudsters are expanding their reach, casting wider nets, and increasingly targeting mid-sized banks.
This presents a serious risk for mid-sized and smaller financial institutions. Many regional banks operate with lean security teams and fewer technological safeguards. This makes them more vulnerable to brand abuse and phishing. When a fraudulent website appears online, there’s often no dedicated team watching for it, and response times can be slow, increasing the financial impact of the fraud.
Impersonation Surge Hits Mid-Size and Small Banks Hardest
The data reveals a clear trend: attackers are increasingly targeting banks with lower asset volumes, but are doing so in greater volume. Here’s how the data breaks down by asset size.
The uptick was most significant among community and regional banks with assets under management (AUM) between $200 million and $5 billion, where the number of targeted brands grew 177% collectively. However, targeting of the lowest-value banks also grew rapidly. For comparison, banks with assets under $200 million saw a 193% increase in brand impersonation attempts, while the number of targeted brands with more than $5 billion in assets increased 44%.
2023 vs 2024 Brands Targeted by Asset Size
- Banks with > $5B AUM: Number of Targets Increased 44%
- Banks with $1B to $5B AUM: Number of Targets Increased 138%
- Banks with $500M to $1B AUM: Number of Targets Increased 191%
- Banks with $200M to $500M AUM: Number of Targets Increased 236%
- Banks with < $200M AUM: Number of Targets Increased 193%
Attack Volume Now Skews Toward Smaller Banks
Our next graph illustrates attack volume targeting banks of various asset sizes. The largest banks no longer experience the highest attack frequency and now represent a smaller share of attacks than other categories. These banks now account for only 18.6% of impersonations in 2024, while those with assets of $1 to $5 billion represent 30.2% of attacks. This speaks to a new focus on mid-level banks.
2023 vs 2024 Brands Targeted by Asset Size
- Banks with > $5B AUM: Number of Targets Increased 304%
- Banks with $1B to $5B AUM: Number of Targets Increased 668%
- Banks with $500M to $1B AUM: Number of Targets Increased 427%
- Banks with $200M to $500M AUM: Number of Targets Increased 347%
- Banks with < $200M AUM: Number of Targets Increased 211%
Impact of Gen AI Fraud
Generative AI fraud compounds the consequences of fraud by increasing the volume and deceptiveness of attacks. Deloitte’s Center for Financial Services predicts that gen AI may increase fraud losses in the United States from $12.3 billion in 2023 to $40 billion in 2027, a compound annual growth rate of 32%.
Fraud already imposes steep costs on financial institutions and other organizations. Banks can lose up to 7.5% of their annual revenue to direct and indirect fraud costs. For credit unions, that number rises as high as 11%.
Don’t underestimate the financial burden of online fraud schemes. Their costs will only rise as AI continues to develop and proliferate.
What Regional Banks Can Do Right Now
- Deploy Brand Monitoring Tools
Invest in online brand protection services that actively search for unauthorized use of your name, logo, and domain across the internet. The faster these threats are identified, the sooner they can be addressed and the less damage they can cause.
- Educate Your Customers
Clear communication helps reduce risk. Teach customers how to recognize phishing emails and fake websites. Provide them with an easy process to report suspicious activity. Provide direct links to your online banking portal in official communications to eliminate guesswork.
However, when banks display fraud warnings as banners on their website, they’re not creating an inviting digital experience – they’re doing the opposite. These warnings send an alarming message: we cannot keep your account safe. Instead of raising awareness, they create doubt in the bank’s security and dissuade potential customers from enrolling in online services.
- Train Staff with Simulations
Conduct regular internal phishing exercises to keep employees sharp and prepared. These simulations can help identify weak points in your internal response plan and improve coordination across teams.
Trust Is the Real Target, and Your Best Asset
The rise in brand impersonation attacks signals a turning point. Cybercriminals are no longer limiting their efforts to the biggest players.
Trust is the foundation of any financial institution. When that trust is damaged, it affects more than just the immediate victims. It can ripple outward, impacting customer retention, operational costs, revenue, and regulatory exposure.
Protecting your brand is about preserving the relationship you’ve built with your customers.
Get the SPOOF ’25 Brand Impersonation Threat Report
Your institution may already be a target, and more attacks are coming. Read the full SPOOF ’25 Threat Report to see which banks are being impersonated, how attackers operate, and what your team can do today to protect your brand and customers.