The Cybersecurity and Infrastructure Security Agency (CISA) is warning consumers about a new online scam that involves a fraudulent email that appears to come from the U.S. Small Business Administration (SBA)‘s COVID-19 loan relief website.
The email’s subject line reads as “SBA Application - Review and Proceed” and contains a malicious link that takes users to a fake SBA website. That website is then used by a cyber actor for “malicious re-directs and credential stealing,” CISA said on Aug. 12.
According to CISA, the spoof email has the following characteristics:
-Sender will be marked as: disastercustomerservice@sba[.]gov
-The text in the email body will urge the recipient to click on a hyperlink address
CISA provided an example of how the fake SBA website appears to users.
Example of the fake SBA website
CISA also provided several IP and email addresses that consumers should be wary of, including, but not limited to:
The agency recommended that individual consumers and companies take time to ensure their email security to help avoid identify theft.
Measures to help ensure email security include adding warning banners for all emails external to an organization, maintaining up-to-date antivirus signatures and engines, and enforcing a strong password policy.
CISA also offers free vulnerability scanning and testing services for those looking to better secure their information from scammers.
In addition to the SBA phishing scam, businesses are experiencing a reported increase in cyberattacks on their IT systems as the COVID-19 pandemic continues.
According to research from HackerOne, a cybersecurity company platform, out of the 1,400 security professionals who were asked about their experiences amid the pandemic, 30% said they saw more attacks on their IT systems as a result of the coronavirus.
Nearly two-thirds of the businesses included believed their organizations were at higher risk for data breach due to the pandemic.