Security News > 2020 > August > How phishing attacks have exploited the US Small Business Administration
The US Small Business Administration has been offering loans to businesses and other groups affected by the pandemic and lockdown, turning it into a target ripe for impersonation in phishing attacks.
A report published Monday by security firm Malwarebytes tracks some of the different phishing campaigns that have sought to exploit the SBA. SEE: Coronavirus: Critical IT policies and tools every business needs.
Phishing emails were found containing malicious attachments with names such as "SBA Disaster Application Confirmation Documents COVID Relief.img." The emails used the SBA logo and branding and prompted recipients to complete a grant for small business disaster assistance.
Following the April campaign, a second wave of phishing emails appeared, complete with SBA logos and branding and claiming to be from the SBA's Office of Disaster Assistance.
Beyond digging deeper into the emails, Malwarebytes offers other advice on how to protect yourself against these phishing attacks.
News URL
Related news
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Vodka maker Stoli files for bankruptcy in US after ransomware attack (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US names Chinese national it alleges was behind 2020 attack on Sophos firewalls (source)