About the only thing that gives the con away here is the link — provided the recipient bothers to check it.

This particular phish leads to an equally well-spoofed fake login page for the SBA. Again, for comparison purposes, here’s the real SBA login page.

That’s right. The bad guys are going after the SBA accounts of businesses and other organizations that have applied for one of the several types of loans and grants available through the SBA. Such accounts are particularly lucrative because they offer the bad guys a wealth of exploitable information about businesses and organizations, as well as a prime opportunity to re-route funds intended for those legitimate organizations.

Your typical SBA account contains valuable data about applicant organizations, including:
It also contains a gold mine of banking information, including:
Note that, in its instructions to loan/grant applicants, the SBA explicitly advises those organizations to ensure that the bank account provided is properly set up to receive ACH payments. Even if the bad guys don’t manage to snatch loans or grants intended for a legitimate organization, there are plenty of other opportunities to exploit the information in that organization’s SBA account.

In many ways, this particular phish is a “return to roots” for malicious actors. Remember: the current plague of phishing emails got its start back around 2004 – 2005 with simple, straightforward spoofs of popular banks designed to trick users into coughing up credentials for their online banking accounts. This latest SBA-themed phishing campaign amounts to the same thing. And it could prove devastating to businesses and organizations already on the ropes in this virus-ravaged economy.

Conclusion

The COVID-19 pandemic has damaged businesses, organizations, and individuals — pushing many to the brink of insolvency. It has also provided malicious actors with a wealth of opportunities to develop social engineering schemes designed to facilitate fraud of one sort or another.

With your users working from home and your senior executives undoubtedly consumed with keeping your organization afloat, it is imperative — now more than ever — that you get those employees trained to spot and handle malicious phishing emails. That means stepping them through New-school Security Awareness Training and testing them regularly with simulated phishing emails like the real ones we’ve looked at here.
And keep in mind that this kind of training is critical not just for the lowly cubicle dwellers in your organization but for the senior-most members of your organization as well — the very folks who might be targeted with the kinds of sophisticated SBA-themed phishing emails documented above. To do anything less simply courts catastrophe.
