Taking advantage of people’s need for financial assistance, these scammers pose as a bank offering “forgivable business loans to individuals impacted by the pandemic.”
Nothing says low life more than someone who purposely targets those who are already down and out. Those responsible for a new scam identified by the security researchers at Abnormal Security are the lowest of the low – running a scam essentially promising free money to those that are in need.
In this scam, thousands of potential victims were sent an email impersonating an SBA Lender “World Trade Finance” informing the recipient that the Paycheck Protection Program has been extended and they are now taking applications for new forgivable loans.
Those interested click a link that takes them to a legitimate Office 365 form that appears legitimate:
Victims are asked for every piece of personal information including name, birthdate, and social security number – along with other business details to make the form seem legitimate.
There were some telltale signs that this was a scam to begin with:
- The email is sent to ‘payments@sba.pppgov.com’, a domain obviously not associated with the government.
- It appears the actual recipient must have been blind cc’d
- The link goes to an Office 365 form and not something embedded in the business’ actual website
- While there is a ‘World Trade Finance’ that is an SBA lender, a quick look up of the lender and a comparison to the address provided in the email would result in a mismatch.
Users can easily avoid becoming the victim of such scams once they look at email and web content through a scrutinizing lens. This only comes through continual Security Awareness Training that educates users on what to look for, the types of scams that occur, and how to keep a vigilant mindset while working.
Here's how it works:
