Please be aware of a variety of malicious attempts by cyber-criminals taking advantage of the Small Business Administration (SBA)’s COVID-19 relief efforts to gather sensitive information and steal funds from businesses. Always think before you click!

Grants/Loans

• The SBA does not initiate contact on either loans or grants.  If you are proactively contacted by someone claiming to be from the SBA — suspect fraud.
• If you are contacted by someone promising to get approval of an SBA loan, but requires any payment up front or offers a high interest bridge loan in the interim, suspect fraud.

Phishing

• If you are in the process of applying for an SBA loan and receive email correspondence asking for personally identifiable information (PII), ensure that the referenced application number is consistent with the actual application number.
• Look out for phishing attacks/scams utilizing the SBA logo. These may be attempts to obtain your information to obtain personal banking access, or to install ransomware/malware on your computer. The presence of an SBA logo on a web page does not guarantee the information is accurate or endorsed by the SBA.  Please cross-reference any information you receive with information available at www.sba.gov.
• Any email communication from the SBA will come from accounts ending with sba.gov.