The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an alert about phishing attacks targeting various government organizations to steal logins for the Small Business Administration COVID-19 loan relief accounts. The malicious email has the subject line “SBA Application – Review and Proceed”” and comes from the spoofed email address “”disastercustomerservice@sba[.]gov”” A link in the email body promises to take the recipient to the account sign-in page on the SBA website.”
Source: https://www.bleepingcomputer.com/news/security/cisa-alerts-of-phishing-attack-targeting-sba-loan-relief-accounts/