CISA Warns on Cyber Actor Posing as Small Business Administration

CISA Warns on Cyber Actor Posing as Small Business Administration

The Cybersecurity and Infrastructure Security Agency is investigating a cybercriminal who has used phishing emails posing as messages from the Small Business Administration.

The emails contain a fake link pretending to be for SBA's COVID-19 loan relief, CISA said Wednesday. The malicious actor attempts to steal credentials through this method of fraud.

These emails are subject-labeled "SBA Application – Review and Proceed" and come from a sender known as "" The malicious link leads to a website ""

Analysts said the emails have been sent to entities from state, local and federal governments.

CISA advises concerned organizations to observe a number of practices such as placing warning banners on all external emails, deleting suspicious email attachments and restricting software installation permissions.

Check Also


FireEye to Provide Cybersecurity Defenses to Texas DIR; Pat Sheridan Quoted

FireEye, Inc. has announced that it will offer cyber security defenses to Texas public sector agencies, under Texas Department of Information Resources (DIR), the company reported on Thursday. Through the end of 2020, FireEye security products and Mandiant Solutions services will be available to all Texas agencies, county governments, cities and school districts through DIR’s Bulk Purchase Initiative for Endpoint Detection and Response (EDR) solutions.