The Cybersecurity and Infrastructure Security Agency (CISA) issued Alert AA20-225A with comprehensive details on a counterfeit Small Business Administration (SBA) COVID-19 loan relief portal.
At the time of writing, CISA analysts had observed that recipients in the federal civilian executive branch as well as state, local, tribal, and territorial governments were receiving phishing emails that contained links to the malicious website.
However, the attackers might also be aiming at other businesses, including yours.
Here’s what CISA knows so far:
The subject line: SBA Application – Review and Proceed
The sender: disastercustomerservice@sba[.]gov
The email body: text urging the recipient to click on a hyperlink that points to hxxps://leanproconsulting[.]com.br/gov/covid19relief/sba.gov
Here is a screenshot of the fraudulent COVID-19 loan relief webpage from the Small Business Administration (SBA), along with suggestions from CISA to make your organization’s systems more secure.
As a reminder, here are some tell-tale signs of SBA COVID-19 Phishing Emails:
- Is confidential information requested in the email? Passwords, credit card information, credit scores, etc. are never requested by email by legitimate businesses. If you receive an email asking for any of this information, especially if it was not requested, there is a good chance it is a hoax.
- Does the email use your name while addressing you? It’s likely an SBA COVID-19 phishing email if it refers to you as a “valued member,” “account member,” or “customer.” Legitimate businesses will have your information and refer to you by name.
- Check the domain name twice! Hover your cursor over the email address in question and read it letter by letter and number by number to ensure there have been no changes. Additionally, look for public email domains… No trustworthy business will get in touch with you.
- Is the grammar correct? A trustworthy business will only send well-written emails. Multiple grammatical and spelling mistakes indicate that the email is most likely a phishing scam.
- Watch out for links! Never click a link without first moving your cursor over it to see the address it leads to. As a further warning, some thieves create phishing emails in which the entire message is coded as a hyperlink.
- Is there an attachment? Be cautious if you get an unsolicited email with an attachment, since it can be infected with malware or a virus. Watch out for high-risk file formats like .exe, .com, .scr, and .zip. Contact that business if you have even the slightest suspicion that something is wrong.
- Is there a sense of urgency? Many cybercriminals will ask you to ‘act now or else’ hoping you’ll click on the link or download the attachment without checking for the legitimacy of the email. This is especially effective in the workplace.
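The checklist above can be turned into a first-pass mail triage script. The following is an added example, not code from CISA or from the original article: the function name `triage`, the keyword lists, and the sample message are constructed for illustration, and the link host `consulting.example` is a placeholder that mimics the alert's pattern of putting `sba.gov` in the URL path rather than in the host.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

RISKY_EXT = (".exe", ".com", ".scr", ".zip")                 # formats named in the checklist
GENERIC = ("valued member", "account member", "customer")   # greetings named in the checklist
URGENT = ("act now",)                                        # from the 'act now or else' item

# Constructed sample: subject and sender follow the alert; the link host and
# the attachment are placeholders invented for this example.
SAMPLE = """\
From: SBA <disastercustomerservice@sba.gov>
Subject: SBA Application – Review and Proceed
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Dear customer, act now to review your application:
https://consulting.example/gov/covid19relief/sba.gov
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="application.scr"

x
--b1--
"""

def triage(raw):
    # Return a list of human-readable warning flags for one raw message.
    msg = message_from_string(raw)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    body, flags = "", []
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            flags.append(f"risky attachment: {name}")
        elif part.get_content_type() == "text/plain":
            body += part.get_payload()
    low = body.lower()
    for url in re.findall(r"https?://\S+", body):
        host = (urlparse(url).hostname or "").lower()
        if host != sender_domain and not host.endswith("." + sender_domain):
            note = " (sender domain appears only in the path)" if sender_domain in url.lower() else ""
            flags.append(f"link host {host} is not {sender_domain}{note}")
    flags += [f"generic greeting: {g}" for g in GENERIC if g in low]
    flags += [f"urgency: {u}" for u in URGENT if u in low]
    return flags
```

A From header can be forged, so an empty result does not prove a message is legitimate; the flags are meant to prioritize messages for closer review.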