Emails Seemingly Sent from the Small Business Administration Regarding COVID-19 Loan Relief Could Be Phishing Emails: Exercise Caution!

August 14, 2020
Molly Arranz
SmithAmundsen Data Privacy & Security Alert


Practice Areas


The Small Business Administration (SBA) has been added to the list of organizations recently targeted by cyber threat actors. The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious actor (or actors) spoofing the SBA’s COVID-19 relief webpage via phishing emails. These emails include a bogus link to a fake SBA login page used for malicious redirects and credential stealing.

What can you do?

This cyber threat, found at the intersection of a continued, favorite tool of threat actors (phishing emails) and the daily stress for small businesses (the financial impact of COVID-19), is only the latest in a string of malicious attacks of businesses’ data security systems. Regular training and updating of cyber-security practices remain crucial.