TechTronBlog.com

Technology, Innovation, Collaboration
Menu
  • Features
  • Gadget
  • Mobile
  • Uncategorized

Daily Tech Updates Sent to your Email

Join our Newsletter
Home
Features
How phishing attacks have exploited the US Small Business Administration
Features

How phishing attacks have exploited the US Small Business Administration

August 17, 2020

Such attacks have tried to capitalize on the loans provided by the SBA in the wake of the coronavirus pandemic.

phishing-via-internet-vector-illustration-fishing-by-email-spoofing-vector-id665837286.jpg

Image: GrafVishenka, Getty Images/iStockPhotos


COVID-19 has proved to be a field day for cybercriminals who have used the outbreak to create malware associated with the virus and its various repercussions. One popular tactic is to spoof organizations involved in relief efforts, whether medical or financial.

The US Small Business Administration has been offering loans to businesses and other groups affected by the pandemic and lockdown, turning it into a target ripe for impersonation in phishing attacks. A report published Monday by security firm Malwarebytes tracks some of the different phishing campaigns that have sought to exploit the SBA.

SEE: Coronavirus: Critical IT policies and tools every business needs (TechRepublic Premium) 

First wave

April saw the first round of coronavirus-related attacks designed to deploy malware. Phishing emails were found containing malicious attachments with names such as “SBA_Disaster_Application_Confirmation_Documents_COVID_Relief.img.” The emails used the SBA logo and branding and prompted recipients to complete a grant for small business disaster assistance. One piece of malware hidden in the attached files was GuLoader, which is used to download the payload of your choice at the same time it attempts to evade antivirus detection.

” data-credit=”Image: Malwarebytes” rel=”noopener noreferrer nofollow”>sba-phishing-scams-malwarebytes-1.jpg

Image: Malwarebytes

Second wave

Following the April campaign, a second wave of phishing emails appeared, complete with SBA logos and branding and claiming to be from the SBA’s Office of Disaster Assistance. Promising that the recipient’s SBA application has been approved, the message invited them to click a button to review the funding process. The link in that button took users to the phishing page, which attempted to obtain certain account credentials as a way to scam them in the future. The main tipoff comes from the URL that pops up when you hover over the button as the address has no connection with the SBA.

” data-credit=”Image: Malwarebytes” rel=”noopener noreferrer nofollow”>sba-phishing-scams-malwarebytes-2.jpg

Image: Malwarebytes

Third wave

Spotted by Malwarebytes in early August, a third wave of phishing emails ask the recipient to fill out an attached form for disaster loan assistance. The user is prompted to provide both personal and financial information, specifically bank account details. As with the other campaigns, this one uses SBA branding and sender addresses that seem to come from the agency. However, the domain for the phishing page was registered just a few days prior to the campaign and clearly doesn’t belong to the government, according to Malwarebytes.

Digging into these emails can also reveal clues as to their legitimacy, or lack thereof. Depending on your email client, you can often view the header information for each specific message. For example, in Microsoft Outlook, you’d click the File menu and then select Properties. In the Internet headers section, the Received address displays a host name. With these latest phishing emails, the host name showed a URL that looked suspicious to Malwarebytes and was actually described in another scam campaign.

” data-credit=”Image: Malwarebytes” rel=”noopener noreferrer nofollow”>sba-phishing-scams-malwarebytes-3.jpg

Image: Malwarebytes

Beyond digging deeper into the emails, Malwarebytes offers other advice on how to protect yourself against these phishing attacks.

Check the DOJ and SBA websites. Both the Department of Justice and the Small Business Administration have warned of scams pertaining to loans. Their respective sites provide tips on how to steer clear of malicious schemes.

Beware the sender’s address. Perhaps the biggest takeaway, especially when it comes to phishing emails is that the sender’s address can easily be spoofed and is in no way a solid guarantee, even if it looks exactly the same.

Double-check the information. Double-check the legitimacy of any suspicious email by phoning the organization. Never dial the number found in an email or left on a voice mail as it could be fake.







Cybersecurity Insider Newsletter


Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered Tuesdays and Thursdays




Sign up today




Also see


Share
Tweet
Email
Prev Article
Next Article

Related Articles

https://www.techrepublic.com/article/how-to-create-your-first-data-story-in-tableau/#ftag=RSS56d97e7

How to create your first data story in Tableau

https://www.techrepublic.com/article/hologram-virtual-meetings-envisioning-the-future-of-remote-collaboration-hiring-and-more/#ftag=RSS56d97e7

Hologram virtual meetings? Envisioning the future of remote collaboration, hiring, and more

About The Author

Leave a Reply

Cancel reply

Recent Posts

  • New tech and gadgets you absolutely can’t miss
  • Razer Pro Click ergonomic wireless mouse maximizes your productivity
  • Lume Cube Panel Mini Bicolor LED Light provides on-the-go lighting for photographers
  • LINKA LEO GPS Smart Bike Lock can track your bicycle’s movements in more than 100 countries
  • Razer Pro Glide soft mouse mat cushions your hand during use

Recent Comments

    Archives

    • August 2020

    Categories

    • Features
    • Gadget
    • Mobile
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    TechTronBlog.com

    Technology, Innovation, Collaboration
    Copyright © 2021 TechTronBlog.com
    Theme by MyThemeShop.com

    Ad Blocker Detected

    Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

    Refresh