Brand impersonation: Silicon Valley Bank

Sublime Rules

Summary
This detection rule aims to identify emails that impersonate Silicon Valley Bank (SVB) by analyzing the sender's email address and domain. The rule operates on the premise that attackers often use domains that are similar to legitimate brands to execute phishing attacks. The detection utilizes a combination of domain pattern matching and similarity checks on the display name of the sender against 'SVB'. Specifically, it checks if the sender's email domain closely resembles any variant of Silicon Valley Bank or its abbreviation. Furthermore, it evaluates the age of the domain used in the sender's email through a WHOIS lookup, ensuring it is relatively new (less than 30 days) to filter out established domains which could be legitimate. This multi-faceted approach enhances the reliability of detecting potentially harmful impersonation tactics, particularly relevant in the context of credential phishing, where users are tricked into providing sensitive information.
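The checks described in the summary, sketched in Python as an added example (this is not the Sublime rule's own source). The domain patterns, the edit-distance threshold of 1, the way the conditions are combined (brand signal AND new domain), the handling of missing WHOIS data, and all sample senders are assumptions made for illustration.

```python
import re
from datetime import date

# Assumed patterns for "variants of Silicon Valley Bank or its abbreviation".
BRAND_DOMAIN_RE = re.compile(r"svb|silicon-?valley-?bank", re.IGNORECASE)
MAX_DOMAIN_AGE_DAYS = 30   # the summary's "less than 30 days"
MAX_NAME_DISTANCE = 1      # assumed similarity threshold against "SVB"


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def name_resembles_brand(display_name: str) -> bool:
    """True if any word of the display name is within the threshold of 'svb'."""
    words = re.findall(r"[a-z0-9]+", display_name.lower())
    return any(levenshtein(w, "svb") <= MAX_NAME_DISTANCE for w in words)


def is_svb_impersonation(display_name, sender_domain, domain_created, today):
    """Brand signal (domain or display name) AND a newly registered domain."""
    brand_signal = (bool(BRAND_DOMAIN_RE.search(sender_domain))
                    or name_resembles_brand(display_name))
    if domain_created is None:  # WHOIS gave no creation date: age unknown, no match
        return False
    age_days = (today - domain_created).days
    return brand_signal and 0 <= age_days < MAX_DOMAIN_AGE_DAYS


# Constructed sample senders (not real traffic); .example is a reserved TLD.
TODAY = date(2023, 3, 15)
SAMPLES = [
    ("SVB Client Services", "svb-account-review.example", date(2023, 3, 12)),  # new lookalike
    ("SVB Support", "billing-notices.example", date(2023, 3, 1)),   # name only, new domain
    ("SVB Alumni Club", "svb-alumni.example", date(2015, 6, 1)),    # brand string, old domain
    ("Quarterly Newsletter", "fresh-startup.example", date(2023, 3, 10)),  # new, no brand
    ("SVB Notice", "svb-notice.example", None),                     # WHOIS data missing
]

def run_samples():
    return [is_svb_impersonation(n, d, c, TODAY) for n, d, c in SAMPLES]

if __name__ == "__main__":
    for sample, hit in zip(SAMPLES, run_samples()):
        print(f"{'FLAG' if hit else 'pass'}  {sample[0]!r} <{sample[1]}>")
```

With a threshold of 1 against a three-letter string, ordinary words such as "sub" also count as similar, so in this sketch the domain-age condition does most of the filtering.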
Categories
  • Endpoint
  • Web
  • Identity Management
  • Cloud
Data Sources
  • User Account
  • Web Credential
Created: 2023-03-15