The cybersecurity and infrastructure security agency has indicated that they are tracking an unknown malicious actor who is spoofing the united state small business administration website as part of a new phishing scheme.
Phishing emails are being sent to federal civilian executive branch, state, local, tribal and territorial government recipients. The emails are showing a sender of disaster customer service at sba.gov and include the subject line SBA Application Review and Proceed.
The emails include links to the spoofed website which is at Leanproconsulting.co.br with an ending of sba.gov. The webpage at this address includes a login form that is used to attempt to steal usernames and passwords of unsuspecting victims.
It always a good idea to use caution when clicking on links especially unexpected emails, better yet just type them into the address bar rather than clicking and always check to make sure that the domain matches the domain for the website that you are expecting.
The URL in the phishing campaign uses sba.gov at the end of the path but it's the first domain in this case leanproconsulting.co.br that really matter for the web address.
very useful information thanks for sharing this❤️