Have you received an SBA loan recently?
The Cybersecurity & Infrastructure Security Agency (CISA) has recently published an advisory, warning of a new phishing campaign that specifically targets business owners who have received pandemic relief in the form of loans from the Small Business Administration. Apparently, according to the advisory, the campaign was launched toward the end of July 2020 by an as yet unknown group of hackers. It was altered slightly in the month of August.
They want to steal your credentials and financial info
In the initial wave of emails, the goal seemed to be to steal SBA login credentials. The latest effort focuses much more on attempting to trick recipients into providing a range of personal and financial information.
The campaign emails all bear subject lines that are some variant of "SBA Application - Review and Proceed" and comes from the (spoofed) email address: disastercustomerservice@sba.gov.
A link embedded in the body of the email claims to take the recipient to the SBA signup where they will sign in to receive financial assistance. Naturally, the website is merely a spoof of the actual SBA page, replicated over a number of top-level domains.
Beware - these guys are good
Security researchers tracking the campaign note that some of the phishing emails direct recipients to websites containing the GuLoader malware that is used to drop other malware payloads onto the machines of unsuspecting users. Researchers note that the most recent wave of emails uses social engineering techniques that are sophisticated enough to fool even some security professionals.
NOTE: The SBA webpage about this attack
Our perspective
If you are a business owner and have received pandemic relief or are considering applying for benefits, your best bet is to ignore any emails you might receive. Instead of clicking email links that promise to take you to the SBA's website, open a new browser tab, and manually navigate your way there. It's a shame that hackers are taking such an advantage at a time like this, but sadly, it's not much of a surprise.
~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there! " ~
By Denis Wilson and Melissa Stockwell
Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter.
I'm Denis Wilson, President and Principal Consultant for DWP Information Architects. We build people/process/technology solutions to create better business outcomes for smaller enterprises in Los Angeles. We have created cost-effective office productivity and out-sourced service solutions for over 20 years, focusing principally on manufacturing, professional services, and healthcare. Our hallmarks are cloud and on-premises network reliability, cost-effective cybersecurity, and liveable small business regulatory compliance.
I am also a published author and speaker, working extensively with business and professional associations to provide small business technology education programs. Contact me if you would like me to speak at your association
