Security News > 2020 > August > How phishing attacks have exploited the US Small Business Administration
The US Small Business Administration has been offering loans to businesses and other groups affected by the pandemic and lockdown, turning it into a target ripe for impersonation in phishing attacks.
A report published Monday by security firm Malwarebytes tracks some of the different phishing campaigns that have sought to exploit the SBA. SEE: Coronavirus: Critical IT policies and tools every business needs.
Phishing emails were found containing malicious attachments with names such as "SBA Disaster Application Confirmation Documents COVID Relief.img." The emails used the SBA logo and branding and prompted recipients to complete a grant for small business disaster assistance.
Following the April campaign, a second wave of phishing emails appeared, complete with SBA logos and branding and claiming to be from the SBA's Office of Disaster Assistance.
Beyond digging deeper into the emails, Malwarebytes offers other advice on how to protect yourself against these phishing attacks.
News URL
Related news
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)