The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released an alert about phishing attacks targeting various government organizations to steal logins for the Small Business Administration COVID-19 loan relief accounts.
In a newer phishing attack that started in August, security researchers saw the threat actor using convincing tricks to fool potential victims into providing personal and financial information
Some Countermeasures:
Checking the source of the message for the sender address will reveal the real one. Simply comparing it with the legitimate email will show the fraud attempt.
Paying attention to the URL in the address bar should also ensure that you don’t fall for a trick and are on the genuine page.
CISA recommends organizations include warning banners for messages from an external source. Even if the message bypasses email defenses, users may act with more caution.
Source: CISA alerts of phishing attack targeting SBA loan relief accounts
Download a Security Risk Assessment Steps paper!
Security Risk assessment Quiz – Find Out How Your security risk assessment Stands Up!
DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles
Subscribe to DISC InfoSec blog by Email
👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet
