COVID-19 has created for both cyber criminals and traditional fraudsters, a new report claims.

The report, entitled The First 100 Days of Coronavirus, was prepared by Mimecast.

“Increases in coronavirus-related spam and impersonation attack campaigns are exploiting the vulnerability of users working at home, taking advantage of their desire for information about the coronavirus pandemic to entice them to click on unsafe links,” the Mimecast authors noted.

“Traditional fraudsters are also using spam to offer fake or non-existent goods such as protective masks or COVID-19 cures.”


The Mimecast Threat Intelligence team analysed key trends in activity for the first 100 days.

The monthly volume of all detection categories reviewed rose “significantly” – by 33% –between January and the end of March 2020.

  • Spam/opportunistic detections (increased by 26.3%)
  • Impersonation detections (increased by 30.3%)
  • Malware detections (increased by 35.16%)
  • Blocking of URL clicks (increased by 55.8%).

Employees working at home may be insufficiently aware of cyber-threats, according to the report.

According to the report, the rise in unsafe clicks suggests “an urgent need to refresh awareness training for employees and help them create a secure working environment”.

The authors noted lookalike domains were easily forged, and the report documents a corresponding surge in domain-related abuse in relation to COVID-19 and associated monikers.

Mimecast observed some 60,000plus coronavirus-related registered spoof domains since early January 2020.

“IT teams need to consider which communication services they want to sanction for secure work at home,” the report noted. The report was issued within hours of Toll Group confirming it had been the subject of another cyberattack, the second such incident this calendar year.