Suspicious Activity Detected in COVID-19 EIDL program

Jul 23, 2020

Update August 20: SBA impersonators are email phishing to scam businesses who have applied for an EIDL to upload additional personal information to a third party platform. If you suspect fraudulent activity, contact the SBA Inspector General.

The SBA has issued COVID-19 a disaster for U.S states and territories due to the economic loss businesses have faced. The SBA Economic Injury Disaster Loan (EIDL) program offered up $10,000 to qualifying small businesses, private non-profit organizations and agricultural businesses that suffered substantial economic injury. 

Due to recent suspicious activity regarding the disbursement of EIDL funds, applicants and borrowers should be aware that the SBA funds are only deposited into the verified Financial Institution account using the Employer Identification Number (EIN) or a Social Security Number (SSN). Third parties are not permitted to supply EIDL program funds to applicants or borrowers. 

These instances outline signs of suspicious activity: 

  • Use of stolen identities or EIN or SSN numbers to qualify for the EIDL advance or EIDL loan.

  •  Purported businesses, including front or shell companies, lacking an indicia of operating presence or history, receiving EIDL advances or EIDL loans. 

  • Applicants working with third parties to obtain EIDL advances or EIDL loans in exchange for keeping a percentage of the funds. 

  • Account holders that are victims of social engineering schemes and may not know that the source of the funds is an EIDL advance or EIDL loan. 

  • A customer advises a financial institution that the customer received a COVID-19 EIDL ACH deposit from “SBAD TREAS 310” and “Origin No. 10103615” into their account, but did not apply for a COVID-19 EIDL loan. 

  • The financial institution is aware that it previously denied a customer’s Paycheck Protection Program loan after applying the institution’s risk-based Bank Secrecy Act compliance protocols.

If you have received EIDL COVID-19 funds, review your transaction history to check for suspicious activity. Examine the depository transaction for the following:

  • A customer not known to be a small business, sole proprietor, or independent contractor receives a lump sum COVID-19 EIDL ACH deposit from “SBAD TREAS 310” and “Origin No. 10103615” into a personal account. 

  •  A new customer opens an account and shortly thereafter receives a COVID-19 EIDL ACH lump sum deposit from “SBAD TREAS 310” and “Origin No. 10103615”. 

  • A single account receives multiple EIDL advance or multiple EIDL loan deposits.

If suspicious activity is detected in a customer’s COVID-19 EIDL loan, the SBA requests that the activity is reported to the SBA’s Office of Inspector General via email. Institutions should also follow their institutions’,  state and federal guidelines in reporting the activity. This includes filing a report through the Financial Crimes Enforcement Network (FinCEN). If you have questions or concerns, contact the SBA COVID-19 EIDL program at