The Cybersecurity and Infrastructure Security Agency issued an alert today regarding an unknown malicious cyber actor targeting small business owners through phishing emails containing links that redirect victims to a spoofed Small Business Administration COVID-19 relief webpage used to steal credentials. The phishing email subject line currently reads “SBA Application – Review and Proceed” and the sender is marked as “disastercustomerservice@sba[.]gov”.

Please see the alert for more information, including the IP address, indicators of compromise, and recommended mitigations for small businesses and organizations to take to strengthen their cybersecurity posture.

Glass quad city bank and trust logo