Duncan Godfrey senior director of security , Auth0
Early in the pandemic, Google reported 18 million daily hoax emails related to COVID-19 scams. Since then, phishing attacks have become more targeted, impersonating remote working tools like Zoom and Microsoft Teams, playing on the availability of masks and testing; even masquerading as company CEOs to dupe users into giving up their passwords and other personal information. They can be so sophisticated that just 5% of Brits can spot scam emails according to a study by Computer Disposals Limited.
Phishing is just one of many ways hackers are taking advantage of the pandemic. Literally billions of credentials are floating on the internet, stolen from various data breaches over the years, and many people reuse their passwords. This has given rise to credential stuffing attacks, which try stolen credentials against a large number of websites in an attempt to take over accounts. Retail and media subscriptions (like Disney+) are likely