How Fraudsters are Trying to Steal Your Assistance
Fraudsters are rolling out new bait tied to economic aid.
As the COVID-19 pandemic situation continues evolving, so too are the scams fraudsters are unleashing to profit off people’s emotions during these difficult times. The latest COVID-19-themed scams trick unsuspecting victims into providing valuable sensitive information (e.g., Social Security number, bank account details) and/or unknowingly downloading malicious software as part of what they assume are legitimate requests needed to receive money as part of the Coronavirus Aid, Relief, and Economic Security (CARES) Act.
Fraudsters are targeting both small business owners and individuals through widespread email phishing campaigns. Read on to learn how to avoid getting caught in their nets.
What small business owners need to know to help stay safe
Fraudsters posing as representatives from the U.S. Small Business Administration (SBA) are calling and emailing small business owners with illegitimate claims regarding how to receive grants or loans available under the CARES Act.
Small business owners should be extremely cautious of unsolicited communication from individuals claiming to be from the SBA. Below is some information that may be helpful to small business owners as they discern whether a communication is legitimate:
- Grants. Due to the volume of interested parties and applicants, the SBA doesn’t reach out to small business owners directly and without prompting to see if they’d like to apply for a 7a or disaster grant (or loan). Small business owners receiving such communication should consider it highly suspicious and refrain from providing anything.
- Loans. Given the number of applicants for SBA loans, there’s no such thing as a guaranteed approved application. Anybody contacting a small business owner and claiming the ability to guarantee approval for an upfront fee is bogus and should be considered fraudulent. The same goes for anybody offering a short-term, high-interest bridge loan.
Small business owners should also be wary of SBA disaster loan brokerage fees that are higher than the following limits the SBA has established:
- 3% for loans $50,000 or less, or
- 2% for loans $50,000 to $1,000,000, with an additional .25% on amounts over $1,000,000.
Questions about getting an SBA disaster loan should be directed to the SBA at 800-659-2955 or firstname.lastname@example.org. Questions about other SBA lending products should be directed to the SBA’s Answer Desk at 800-827-5722 or email@example.com.
Small business owners should also refer to the SBA’s website to verify claims made in SBA-themed emails to help determine whether they are legitimate communications.
Identifying CARES Act-themed phishing emails
Fraudsters are also masquerading as representatives from federal government (e.g., SBA, Internal Revenue Service) or financial services entities in elaborate phishing email attacks designed to trick people into clicking on a malicious link, downloading a malicious attachment, or replying with sensitive personal information that could later be monetized.
Below are some key things anyone should consider to help determine whether an unsolicited email they receive regarding receiving money under the CARES Act is actually legitimate:
- The email address of the sender. Always double-check (1) whether the name of the sender and their email address go together logically, and (2) whether the email address itself appears to be one that you’d realistically receive emails from regarding the CARES Act.
For example, an email from somebody named “John Smith” from the Internal Revenue Service most certainly won’t come from the email address “firstname.lastname@example.org.” In another example, a genuine email from the SBA will come from an address ending with “@sba.gov,” not “@sba.gov.ru.”
If the email sender’s name and their email address don’t seem to match up, and/or if the email address seems odd/unfamiliar, consider the email suspicious—don’t click on any links or attachments in it, and don’t perform any actions it requests.
- Appearance. Just because an email—or a website linked from an email—contains an entity’s logo (e.g., IRS or SBA logo) and it looks and sounds like an authentic communication from that entity doesn’t mean it’s legitimate. Fraudsters can be very crafty in making emails and websites look legitimate, so don’t get fooled.
- Links. Hover your mouse cursor over any links within such emails to see if they go to what appears to be a legitimate website.
For example, an email about a CARES Act aid application containing a link to “https://www.sba.gov” is likely to be legitimate, because that’s the SBA’s actual website. However, the same email with a link to “https://WWW.5BA.G0V.RU” is not (because the SBA’s homepage doesn’t contain numbers in its URL, and because the SBA isn’t a Russian entity).
If something doesn’t match up (e.g., email address, website contained in a link), consider the email suspicious.
- Confirmation number. Anyone going through an application process to receive a grant or loan as part of the CARES Act may receive a legitimate email from a federal government entity (e.g., SBA) asking for specific information (e.g., name, address). Such emails should contain the same application confirmation number the recipient received when applying for aid under the CARES Act. If the confirmation numbers don’t match, or the email doesn’t contain a confirmation number at all, consider it suspicious.
- Sense of urgency. Phishing emails often contain some type of urgent call to action (e.g., clicking on a link contained in the email’s body) and/or outlandish claim to try to get readers to quickly take the bait and not think through their actions. CARES Act-themed phishing emails may contain seemingly urgent messaging like, “Click this link to learn how you can be automatically approved for cash payments before the application process closes,” with the link actually containing a malicious computer virus designed to steal login credentials saved on the victim’s computer.
Any email (especially an unsolicited one) appearing to be CARES Act-related and containing a sense of urgency to do something (especially if it sounds too good to pass up) should be considered suspicious; stop, think things through, and try to verify the message before acting.
- Verify information. Cross-reference information included in emails supposedly from government entities or financial institutions with information found on their respective websites. Whenever possible, type the organization’s URL directly into your Web browser rather than clicking on a link in a questionable email. If the information doesn’t match up, consider it suspicious.
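The sender-address and link checks above can be automated for mail triage. The following is an added example, not part of the original article; the function names, the sample message values, and the choice to require `https` are assumptions made for illustration. It shows why the comparison must be against the end of the host name on a dot boundary: a simple "contains sba.gov" test accepts “sba.gov.ru”.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: the only trusted domain is the one the article names.
TRUSTED_DOMAINS = {"sba.gov"}

def host_is_trusted(host, trusted=TRUSTED_DOMAINS):
    """True only if host equals a trusted domain or is a subdomain of one."""
    host = (host or "").rstrip(".").lower()
    return any(host == d or host.endswith("." + d) for d in trusted)

def naive_check(host):
    """The mistake to avoid: a substring test also accepts look-alikes."""
    return "sba.gov" in host.lower()

def link_is_trusted(url):
    """Check the host the link really points to, ignoring letter case."""
    try:
        parts = urlsplit(url)
    except ValueError:          # malformed URL: treat as untrusted
        return False
    return parts.scheme == "https" and host_is_trusted(parts.hostname)

def sender_is_trusted(from_header):
    """Check the domain of the address, not the display name."""
    _name, addr = parseaddr(from_header)
    _local, sep, domain = addr.rpartition("@")
    return bool(sep) and host_is_trusted(domain)

def triage(from_header, links):
    """Return the items a reader should treat as suspicious."""
    flagged = []
    if not sender_is_trusted(from_header):
        flagged.append(from_header)
    flagged += [u for u in links if not link_is_trusted(u)]
    return flagged

# Constructed sample message values (the link texts are the article's examples).
SAMPLE_FROM = "SBA Disaster Relief <help@sba.gov.ru>"
SAMPLE_LINKS = ["https://www.sba.gov", "https://WWW.5BA.G0V.RU"]

if __name__ == "__main__":
    for item in triage(SAMPLE_FROM, SAMPLE_LINKS):
        print("suspicious:", item)
```

A sender address can be forged, so a passing result here does not prove a message is genuine; the check only catches domains that do not match.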
Any suspected fraud like the scams listed above should be reported to the Office of the Inspector General’s (OIG) Hotline at 800-767-0385 or online here. Visit this Federal Trade Commission (FTC) website for more information regarding scams involving the CARES Act.
These are uncertain and emotional times. Don’t let fraudsters take advantage of you, your customers, or other unsuspecting victims. Take the extra time to carefully review any communication you receive regarding the CARES Act. Always try to verify claims made in CARES-Act-themed emails by first using your Web browser to visit the website of the entity the email represents to cross-check whether the information appears authentic.