The Cybersecurity and Infrastructure Security Agency is investigating a cybercriminal who has used phishing emails posing as messages from the Small Business Administration.
The emails contain a fake link pretending to be for SBA's COVID-19 loan relief, CISA said Wednesday. The malicious actor attempts to steal credentials through this method of fraud.
These emails are subject-labeled "SBA Application – Review and Proceed" and come from a sender known as "email@example.com." The malicious link leads to a website "leanproconsulting.com."
Analysts said the emails have been sent to entities from state, local and federal governments.
CISA advises concerned organizations to observe a number of practices such as placing warning banners on all external emails, deleting suspicious email attachments and restricting software installation permissions.