Tech

‘Malicious’ cyber actor spoofing SBA’s coronavirus loan relief webpage

The spoofed website is designed for credential stealing and comes almost four months after the Small Business Administration took down eight fraudulent websites amid the pandemic.

By Dave Nyczepir

August 12, 2020

Small Business Administration headquarters. (Tajha Chappellet-Lanier)

The Cybersecurity and Infrastructure Security Agency is tracking an “unknown, malicious” cyber actor spoofing the Small Business Administration’s coronavirus loan relief webpage via phishing emails, it warned in an alert issued Wednesday.

Suspect emails link to a spoofed website for redirects and credential-stealing and have targeted federal civilian executive branch, state, local, tribal, and territorial recipients, according to CISA‘s alert.

CISA recommended that system owners and administrators include warning banners with external emails, maintain updated antivirus signatures and engines, and ensure systems have the latest security updates among its list of mitigations.

.@CISAgov is aware of a malicious cyber actor spoofing the SBA COVID-19 loan relief webpage. Read our Alert at https://t.co/vIRnOiKu0E for details and mitigations. #Spoofing #Cybersecurity #Phishing #COVID19

— CISA Cyber (@CISACyber) August 12, 2020

The phishing emails consist of the subject line “SBA Application – Review and Proceed,” disastercustomerservice@sba.gov as the sender, and text prompting the recipient to click a hyperlink leading to a login page for the credential theft.

CISA’s alert includes indicators of compromise and additional mitigations, including signing up for its alerts and free vulnerability scanning and testing.

In April, former SBA Chief Information Officer Maria Roat said her security team had worked with the Department of Homeland Security, where CISA resides, to take down eight fraudulent websites and two Twitter accounts attempting to take advantage of small businesses seeking coronavirus loan relief.

‘Malicious’ cyber actor spoofing SBA’s coronavirus loan relief webpage

More Like This

ICE pursuing privacy approvals related to controversial phone location data

House Modernization panel advances bill to improve CRS’s data access in first-ever markup

DOJ seeks public input on AI use in criminal justice system

Top Stories

404 page: the error sites of federal agencies

CISA’s chief data officer: Bias in AI models won’t be the same for every agency

Scientists must be empowered — not replaced — by AI, report to White House argues

White House hopeful ‘more maturity’ of data collection will improve AI inventories

Generative AI could raise questions for federal records laws

Oracle approved to handle government secret-level data

Cybersecurity executive order requirements are nearly complete, GAO says

More Scoops

Deputy Federal CIO Maria Roat to retire in March

Missing E-Tran controls saw SBA issue $692M in duplicate pandemic relief loans

FITARA grades mostly hold, improve amid agencies shift to remote work

Lawmakers question SBA technology investments after loan system outages

CDM is securing agencies involved with coronavirus response, including vaccine research

SBA systems fended off foreign adversaries applying for coronavirus loans

Federal cyber incidents continue downward trend, according to annual FISMA report to Congress

Latest Podcasts

‘Malicious’ cyber actor spoofing SBA’s coronavirus loan relief webpage

Scientists Must Be Empowered, Not Replaced by AI

Leveraging modern access management to achieve zero trust

The role of the federal chief AI officer

Tech

Defense

Cyber

Acquisition