Classic phishing attacks identify an item of information or an opportunity that is appealing to a target audience, and they use that to bait the target into clicking a malicious link or opening a corrupted file. Like a worm to a fish. Hence the term, phishing.
The earliest attacks fed off of a near universal allure – money. Do as I say, and you will receive hundreds of thousands, or even millions, of dollars. As we wised up, the scams became more tailored. Professionals were hit with new client inquiries. Manufacturers received purportedly important alerts from trade associations. Parents’ in-boxes were inundated with phony updates from their children’s schools (yes, this has happened).
There has likely never been a single subject, however, with the same universal appeal as information related to the COVID-19 outbreak. And phishing scammers know it.