Close Modal
August 13, 2020 | Business Success

Fraudsters Spoofing SBA Target PPP Loan Recipients

We’ve received an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) that fraudsters armed with fake email addresses and websites are targeting PPP recipients to obtain Small Business Administration (SBA) COVID-19 loan relief login credentials. Don’t give it to them. 

The real SBA will not ask you to log in to SBA.gov for PPP information.  If you hand over your login information to fraudsters, it will be used for nefarious purposes. Fortunately, thwarting their plan is easy: You just need to stay informed and be vigilant.

 

How to spot the SBA Spoofing scam

The malicious email appears to come from disastercustomerservice@sba.gov and has the subject line “SBA Application – Review and Proceed.” It contains a malicious link to a fake SBA COVID-19 Relief page, where PPP recipients are prompted to log in with their SBA credentials. Again, the SBA will not ask you to log in to SBA.gov for PPP information. If you receive an email from this address, don’t even open it. Instead, congratulate yourself for being vigilant and hold your head a little bit higher for the rest of the day. 

 

What to do if you believe you’ve received an SBA spoofing email

If you receive an email about your PPP loan and are unsure if the email or sender is legitimate, you can call Umpqua Bank at 866-486-7782. You can also visit  https://www.umpquabank.com/security-center/ for tips on protecting your online identity and how to identify red flags.   

If you believe you may be a victim of cyber fraud, please contact Umpqua Bank immediately at 866-486-7782 or visit  https://www.umpquabank.com/help-center/report-fraud/.

Please see the alert  for more information, including the IP address, indicators of compromise, and recommended mitigations for small businesses and organizations to take to strengthen their cybersecurity posture.  

 

Quick tips for detecting spoofed hyperlinks and websites

Wondering if a link you’ve been sent might be fraudulent? Try hovering your cursor over any link in the body of an email. If the link doesn’t match the text that appears when hovering over it, it may be spoofed.  

Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net). Be sure to check before providing any sensitive information. Additionally, cybercriminals may use a URL shortening service to hide the true destination of the link. Be on the lookout and make sure you trust the site before proceeding. 

 

Learn more about staying safe from fraudsters:

Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails 

Avoiding Social Engineering and Phishing Attacks 

Related Posts

  • Know When to Hold ‘Em, Know When to Fold ‘Em

    Read more
    December 01, 2020 Business Success
     
    Loading...

  • Understanding the CARES Act Tax Revisions

    The federal coronavirus economic relief plan includes some significant tax provisions that may affect you. Here’s everything you need to know.
    Read more
    April 13, 2020 Business Success

  • 10 Ways to Protect Against Fraud

    Read more
    January 27, 2020 Money Matters

  • Money in Motion: Planning for 2019 and Beyond

    Read more
    January 01, 2019 Money Matters

  • Internet Fraud: The Other Hidden Virus

    Read more
    March 25, 2020 Money Matters

  • 5 Tips to Save Money on Holiday Travel

    Read more
    November 09, 2018 Money Matters

  • 6 Steps to Plan and Save for Your Dream Vacation

    Read more
    February 12, 2019 Money Matters

  • This Christmas, Gift Yourself Savings: Holiday Budget Tips to Start the New Year Right

    Read more
    December 12, 2018 Money Matters

  • Budgeting for uncertainty

    If the idea of budgeting gives you anxiety, we’re here to help with some simple steps to begin or revisit your budget.
    Read more
    July 23, 2020 Money Matters

  • How to Resist Temptation and Save More in 2019

    Read more
    January 30, 2019 Money Matters

  • What is Phishing? Know the Signs to Avoid Phishing Attempts

    Read more
    July 24, 2018 Money Matters

  • More Mobile Banking Means More Mobile Bank Fraud

    More mobile bank users might mean more mobile bank fraud. Luckily, there are a few key steps you can take to protect your financial information.
    Read more
    July 27, 2020 Money Matters

  • Are you getting the most out of Umpqua Go-To?

    Get personalized advice without being in person.
    Read more
    May 05, 2020 Money Matters

  • Fight Fraud: Know What Your Bank Won’t Ask You

    Fraudsters are getting better at posing as representatives of banks to trick unsuspecting customers. Here’s how you can help protect yourself.
    Read more
    November 10, 2020 Money Matters

  • Beware Cupid’s Fraudulent Arrow: How to Protect Your Money and Your Identity from E-Romance Scams

    Beware Cupid’s Fraudulent Arrow: How to Protect Your Money and Your Identity from E-Romance Scams
    Read more
    February 09, 2021 Money Matters

  • What You Need to Know About Divorce and Dividing Assets

    Read more
    October 21, 2019 Money Matters

  • Holiday Shopping Online Safety Guide

    Read more
    November 20, 2018 Money Matters

  • Coronavirus and Protecting Your Financial Health

    Read more
    March 10, 2020 Community

  • Financial life lessons from the Pacific Crest Trail

    A comfortable retirement is a lot like a months-long hike: the more detailed the planning, the more likely you’ll reach your destination.
    Read more
    December 31, 2020 Money Matters

  • Three Tips to Help Secure Your Online Banking Experience

    Three Tips to Help Secure Your Online Banking Experience in Honor of Safer Internet Day.
    Read more
    February 09, 2021 Money Matters

  • Tax Tips: 5 Last-Minute Ways to Save Money on 2018 Taxes

    Read more
    March 25, 2019 Business Success

  • Beware this COVID-19-Themed Social Security Scam

    Read more
    April 03, 2020 Money Matters