Hello, Guest.!

CISA Warns on Cyber Actor Posing as Small Business Administration

1 min read

The Cybersecurity and Infrastructure Security Agency is investigating a cybercriminal who has used phishing emails posing as messages from the Small Business Administration.

The emails contain a fake link pretending to be for SBA's COVID-19 loan relief, CISA said Wednesday. The malicious actor attempts to steal credentials through this method of fraud.

These emails are subject-labeled "SBA Application – Review and Proceed" and come from a sender known as "disastercustomerservice@sba.gov." The malicious link leads to a website "leanproconsulting.com."

Analysts said the emails have been sent to entities from state, local and federal governments.

CISA advises concerned organizations to observe a number of practices such as placing warning banners on all external emails, deleting suspicious email attachments and restricting software installation permissions.