On April 27, the U.S government’s coronavirus relief fund for small businesses – the Payroll Protection Program – resumed lending, after an additional $320 billion in funding was authorized to help small businesses keep employees on the payroll.
The program will provide much needed relief for small businesses, but it could also provide cybercriminals with another prime opportunity to cash in on Covid-19 related schemes. Over the last month, Tessian has identified ways in which criminals have taken advantage of the global pandemic to make their scams more effective – from impersonating remote working and collaboration tools to tricking people into clicking onto fake stimulus check domains.
We are now warning small businesses of the PPP and CARES Act scams that they could face.
Tessian’s latest research reveals that 645 domains related to the PPP were registered between March 30 and April 20, with the majority of the domains being registered in the week following the US government’s announcement on March 31.
While 85% of the domains are offline, it’s unclear how long they will remain offline for. Of the newly registered domains that are currently live:
Worryingly, a recent survey by IBM X-Force found that only 14% of small business owners say they are very knowledgeable about how to access the SBA’s loan relief program. Cybercriminals will use this to their advantage, targeting those individuals seeking more information or guidance on the PPP. And although not every newly registered PPP domain may be malicious, it’s possible that these websites could be set up to trick people into sharing money, credentials or personal information.
Small businesses have been prime targets throughout the global pandemic. We’ve seen a number of spam campaigns whereby hackers impersonate the Small Business Administration (SBA) or well-respected banks to entice people into opening malicious attachments or sharing sensitive information. At this time, we urge small business owners and staff to think twice about what they share online and question the legitimacy of the emails they receive.
Our advice to avoiding the PPP scams: