Security News > 2020 > August > How phishing attacks have exploited the US Small Business Administration
The US Small Business Administration has been offering loans to businesses and other groups affected by the pandemic and lockdown, turning it into a target ripe for impersonation in phishing attacks.
A report published Monday by security firm Malwarebytes tracks some of the different phishing campaigns that have sought to exploit the SBA. SEE: Coronavirus: Critical IT policies and tools every business needs.
Phishing emails were found containing malicious attachments with names such as "SBA Disaster Application Confirmation Documents COVID Relief.img." The emails used the SBA logo and branding and prompted recipients to complete a grant for small business disaster assistance.
Following the April campaign, a second wave of phishing emails appeared, complete with SBA logos and branding and claiming to be from the SBA's Office of Disaster Assistance.
Beyond digging deeper into the emails, Malwarebytes offers other advice on how to protect yourself against these phishing attacks.
News URL
Related news
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Healthcare attacks spread beyond US – just ask India's Star Health (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Phishing scams and malicious domains take center stage as the US election approaches (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)