With small businesses awaiting information about their Payroll Protection loans (SBA), scammers are now targeting small businesses with new phishing emails. The new campaign, discovered by Abnormal Security, is sending out emails claiming to be from a CARES act representative who needs a signature on a “PPP_CARES_SignaturePG1-2” document. Included in the email is a link titled “Review File & Sign” that if clicked on, will send them to a landing page that asks them to sign in with their Microsoft account. This landing page is a fake copy of the Office 365 login page designed to steal login credentials for attackers to use in BEC scams, potential network compromise, or additional phishing scams.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is