Alert: We’ve received reports of a phishing attempt targeting Umpqua Bank customers. Please do not click any links in suspicious emails or enter personal information on unusual login pages. Learn more

Open an Embark Checking account today and get rewarded.

If you or your small business have been impacted negatively due to quarantine or income loss, contact us.
Fraudsters Spoofing SBA Target PPP Loan Recipients

We’ve received an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) that fraudsters armed with fake email addresses and websites are targeting PPP recipients to obtain Small Business Administration (SBA) COVID-19 loan relief login credentials. Don’t give it to them.
The real SBA will not ask you to log in to SBA.gov for PPP information.  If you hand over your login information to fraudsters, it will be used for nefarious purposes. Fortunately, thwarting their plan is easy: You just need to stay informed and be vigilant.
How to spot the SBA Spoofing scam
The malicious email appears to come from disastercustomerservice@sba.gov and has the subject line “SBA Application – Review and Proceed.” It contains a malicious link to a fake SBA COVID-19 Relief page, where PPP recipients are prompted to log in with their SBA credentials. Again, the SBA will not ask you to log in to SBA.gov for PPP information. If you receive an email from this address, don’t even open it. Instead, congratulate yourself for being vigilant and hold your head a little bit higher for the rest of the day.
What to do if you believe you’ve received an SBA spoofing email
If you receive an email about your PPP loan and are unsure if the email or sender is legitimate, you can call Umpqua Bank at 866-486-7782. You can also visit  https://www.umpquabank.com/security-center/ for tips on protecting your online identity and how to identify red flags.  
If you believe you may be a victim of cyber fraud, please contact Umpqua Bank immediately at 866-486-7782 or visit https://www.umpquabank.com/help-center/report-fraud/.
Please see the alert  for more information, including the IP address, indicators of compromise, and recommended mitigations for small businesses and organizations to take to strengthen their cybersecurity posture. 
Quick tips for detecting spoofed hyperlinks and websites
Wondering if a link you’ve been sent might be fraudulent? Try hovering your cursor over any link in the body of an email. If the link doesn’t match the text that appears when hovering over it, it may be spoofed.
Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net). Be sure to check before providing any sensitive information. Additionally, cybercriminals may use a URL shortening service to hide the true destination of the link. Be on the lookout and make sure you trust the site before proceeding.
Learn more about staying safe from fraudsters:
Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails
Related Posts
-
Know When to Hold ‘Em, Know When to Fold ‘Em
December 01, 2020 Business SuccessLoading... -
Understanding the CARES Act Tax Revisions
The federal coronavirus economic relief plan includes some significant tax provisions that may affect you. Here’s everything you need to know.April 13, 2020 Business Success -
-
-
-
-
-
This Christmas, Gift Yourself Savings: Holiday Budget Tips to Start the New Year Right
December 12, 2018 Money Matters -
Budgeting for uncertainty
If the idea of budgeting gives you anxiety, we’re here to help with some simple steps to begin or revisit your budget.July 23, 2020 Money Matters -
-
-
More Mobile Banking Means More Mobile Bank Fraud
More mobile bank users might mean more mobile bank fraud. Luckily, there are a few key steps you can take to protect your financial information.July 27, 2020 Money Matters -
Are you getting the most out of Umpqua Go-To?
Get personalized advice without being in person.May 05, 2020 Money Matters -
Fight Fraud: Know What Your Bank Won’t Ask You
Fraudsters are getting better at posing as representatives of banks to trick unsuspecting customers. Here’s how you can help protect yourself.November 10, 2020 Money Matters -
Beware Cupid’s Fraudulent Arrow: How to Protect Your Money and Your Identity from E-Romance Scams
Beware Cupid’s Fraudulent Arrow: How to Protect Your Money and Your Identity from E-Romance ScamsFebruary 09, 2021 Money Matters -
-
-
-
Financial life lessons from the Pacific Crest Trail
A comfortable retirement is a lot like a months-long hike: the more detailed the planning, the more likely you’ll reach your destination.December 31, 2020 Money Matters -
Three Tips to Help Secure Your Online Banking Experience
Three Tips to Help Secure Your Online Banking Experience in Honor of Safer Internet Day.February 09, 2021 Money Matters -
-