Are we starting to sound like a broken record? Because we're starting to feel like one.
New COVID-19 scams are running rampant throughout the digital sphere. From contact tracing smishing schemes to fake vaccines, SecureWorld has covered many of them.
Sometimes, it feels like false information about this disease spreads even faster than the virus itself.
What makes this new alert different? This time, it has the attention of the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
It's no surprise that small businesses have struggled amid the coronavirus pandemic. Unfortunately, hardships also make them prime targets for cybercriminals, who tend to seek out vulnerable organizations. It's part of the reason the healthcare industry has also struggled against cyberattacks during COVID-19.
And according to a recent alert from CISA, this cyber actor is particularly brutal to the groups who need the most help.
Through phishing emails, this scheme directs users to a spoofed Small Business Administration (SBA) COVID-19 loan relief web page. Rather than offering financial assistance, though, this web page is a tool for malicious redirects and credential stealing.
It's a cruel scam, and another reminder of the importance of strong cybersecurity practices for small businesses.
For organizations looking to improve their cybersecurity practices in response to this alert, CISA provides a list of mitigations: