Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Sponsored By
CISA Warns of Phishing Campaign with Loan-Relief LureCISA Warns of Phishing Campaign with Loan-Relief Lure
Phishing emails and fake website promise help with the Small Business Administration's program that aids those affected by COVID-19.
Dark Reading Staff
August 14, 2020
1 Min Read
The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an in-progress phishing campaign using the Small Business Administration (SBA) COVID-19 loan-relief program as bait. According to the warning, the still-unknown malicious actor has spoofed the SBA's loan-relief page and is using the fake site to steal credentials and carry out other malicious actions.
The warning says that CISA analysts have seen phishing emails addressed to various federal civilian executive branch recipients as well as those in state, local, tribal, and territorial government. The indicators of compromise include a number of specific IP addresses to which URLs resolve, URLs that include the string "leanproconsulting," and display URLs that feature legitimate agency prefixes with unusual top-level domains.
Among the mitigations CISA suggests are keeping anti-malware and systems software up to date, and reminding employees to be careful about clicking on links in email messages.
For more, read here.
About the Author(s)
You May Also Like
More Insights
Webinars
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods
Oct 26, 2023Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven
Nov 06, 2023How to Combat the Latest Cloud Security Threats
Nov 06, 2023Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing
Nov 01, 2023SecOps & DevSecOps in the Cloud
Nov 06, 2023
