Skip to main content

New Damaging Phishing Attacks Are Targeting Pandemic SBA Loans

By August 26, 2020May 5th, 2022Cybersecurity

The CISA (Cybersecurity & Infrastructure Security Agency) has recently published an advisory, warning of a new phishing campaign that specifically targets business owners who have received pandemic relief in the form of loans from the Small Business Administration. Apparently, according to the advisory, the campaign was launched toward the end of July 2020 by an as yet unknown group of hackers. It was altered slightly in the month of August.

In the initial wave of emails, the goal seemed to be to steal SBA login credentials. The latest effort focuses much more on attempting to trick recipients into providing a range of personal and financial information.

The campaign emails all bear subject lines that are some variant of “SBA Application – Review and Proceed” and comes from the (spoofed) email address:

A link embedded in the body of the email claims to take the recipient to the SBA signup where they will sign in to receive financial assistance. Naturally, the website is merely a spoof of the actual SBA page, replicated over a number of top level domains.

Security researchers tracking the campaign note that some of the phishing emails direct recipients to websites containing the GuLoader malware that is used to drop other malware payloads onto the machines of unsuspecting users. Researchers note that the most recent wave of emails use social engineering techniques that are sophisticated enough to fool even some security professionals.

If you are a business owner and have received pandemic relief or are considering applying for benefits, your best bet is to ignore any emails you might receive. Instead of clicking email links that promise to take you to the SBA’s website, open a new browser tab and manually navigate your way there. It’s a shame that hackers are taking such advantage at a time like this, but sadly, it’s not much of a surprise.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.