Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
CISA Warns of Phishing Campaign with Loan-Relief Lure
Phishing emails and fake website promise help with the Small Business Administration's program that aids those affected by COVID-19.
1 Min Read
The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an in-progress phishing campaign using the Small Business Administration (SBA) COVID-19 loan-relief program as bait. According to the warning, the still-unknown malicious actor has spoofed the SBA's loan-relief page and is using the fake site to steal credentials and carry out other malicious actions.
The warning says that CISA analysts have seen phishing emails addressed to various federal civilian executive branch recipients as well as those in state, local, tribal, and territorial government. The indicators of compromise include a number of specific IP addresses to which URLs resolve, URLs that include the string "leanproconsulting," and display URLs that feature legitimate agency prefixes with unusual top-level domains.
Among the mitigations CISA suggests are keeping anti-malware and systems software up to date, and reminding employees to be careful about clicking on links in email messages.
For more, read here.
About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
