We will soon be approaching one year since home and office coalesced into one nebulous mass for millions of people. Many organizations made temporary policy tweaks to adapt to stay-at-home orders in the wake of the coronavirus pandemic, but they are increasingly realizing that the future of work will include a permanently altered - and often remote - workforce. People are the most precious assets organizations possess, and they are also the assets most vulnerable to attack by cybercriminals. While the world around us has changed beyond recognition, the battleground for these targeted attacks remains worryingly familiar: email.
Cybercriminals quickly weaved the pandemic into their email scams earlier this year, and more recently impersonated the IRS by pretending to share updates about COVID tax relief in an attempt to steal sensitive tax information. In mid-April, Google’s Threat Analysis Group reported that they detected 18 million COVID-19 themed malware and phishing emails per day. And that’s without including all the email impersonation, invoice fraud, and phishing attacks that have nothing to do with COVID, but are dangerous nonetheless.