Skip to content
"VC3 has made it easier than ever before for our local government to serve our citizens by providing us with modern web tools and a team
of talented and courteous professionals.
City of Valdosta, GA

Municipal League Partnerships

VC3 is the IT partner that focuses on municipalities. We understand your budgeting cycles and critical

Find All the Resources You Need

Our resources & insights includes case studies, client testimonials, guides, checklists, blog articles and more!


2 min read

COVID-19 Phishing Attacks Up 600%


As with any disaster, there are always people who want to take advantage of disruption, confusion, and concern. The global COVID-19 crisis is no different. Bad actors and cybercriminals were always likely to try to exploit this pandemic, especially as the increase in remote working has left many organizations with new vulnerabilities in their systems.

In the first quarter of 2020, phishing attacks related to COVID-19 increased by 600%, according to KnowBe4, a security awareness and simulated phishing platform. The second most popular and most clicked email message of the whole quarter was a fake email alert claiming to come from the Centre for Disease Control (CDC) warning about COVID-19 cases. 

During these confusing times, it is vital to be vigilant about your online security and behaviors. Cyberattacks taking advantage of the situation, however, are not always going to be obvious or even directly related to COVID-19. As organizations pivot to remote working and people across the world adapt to working from home, many for the first time, there are a number of ways that cybercriminals are targeting vulnerabilities.

Some of the most common attacks this quarter are related to home working or new technology. Phishing subject lines are targeting rescheduled meetings, SharePoint, COVID-19-related disaster recovery strategies, and messages about working from home. Similarly, messages related to remote working tools like Microsoft Teams, Zoom, and VPN connections have become significantly more common. 

With these subjects, malicious actors are preying on the heightened stress and distraction of the situation, as well as taking advantage of people adapting to new ways of working and the urgency of a lot of work. During these periods, people tend to react more instinctively before thinking logically about the security or legitimacy of an email.

At VC3, we’ve previously explored the dangers of email phishing and the importance of being constantly vigilant when it comes to potential attacks. Now more than ever, remaining alert to potential threats and always being cautious of clicking links in emails is vital. Any email from someone you don’t know or an unfamiliar address should be treated with caution and double-checked for potential threats. But it’s important to be thoughtful even when an email comes in from a trusted source, as phishing attacks can be incredibly subtle.

Always check links, and be suspicious of shortened URLs like and If an email reads oddly or doesn’t scan, then double-check it. Remember that reputable companies are highly unlikely to ask you to click a link or enter your personal details. If you are being asked to do something unusual, even at this unusual time, then just take a moment to think about whether the ask is sensible and trustworthy. When it comes to internal contacts, it never hurts to pick up the phone or send a message to check that an email really is all that it seems. 

The key takeaway from the data around phishing attacks in the first quarter of 2020 is that cyber criminals and bad actors are adapting extremely fast to the new situations that organizations and employees find themselves in, and an extra cautious approach to cyber security is going to be required for the foreseeable future.

Let's talk about how VC3 can help you AIM higher.