08/12/2020

Malicious Cyber Actor Spoofing SBA’s COVID-19 Loan Relief Website via Phishing Emails

OAMES received notice from the Ohio Public Private Partnership that the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 relief webpage via phishing emails. These emails include a malicious link to a fake page used for malicious re-directs and credential stealing.

Small business owners and organizations at all levels should review the alert and apply the recommended mitigations to strengthen the security posture of their systems.

The alert can be viewed by clicking HERE or by visiting https://us-cert.cisa.gov/ncas/alerts/aa20-225a.