September 23, 2023

Volume XIII, Number 266


September 22, 2023

Subscribe to Latest Legal News and Analysis

September 21, 2023

Subscribe to Latest Legal News and Analysis

A Phishing Pandemic – Part I

It’s upsetting to report, but should come as no surprise, that scammers are seeking to take advantage of organisations during the COVID-19 pandemic.

The Australian Competition and Consumer Commission’s Scamwatch website reports that phishing attacks are on the rise, with scammers impersonating the World Health Organisation and other agencies. Scams include anything from offering victims a vaccine for COVID-19 to investment opportunities created by the pandemic.

FraudWatch International also states that they have monitored various types of cyberattacks over the last few weeks arising in response to the pandemic, which include phishing attacks, state-sponsored attacks, and malware in the form of Trickbot and other trojans. In fact, more than 3,600 new domains containing the phrase “Coronavirus” were created in the past five days, with the vast majority of them destined to host phishing sites and spread malware.

Scammers are also targeting employees and businesses who are working remotely from their homes. Cynet reports that there has been an increase in remote user credential theft and weaponised email attacks, given that working from home often means working on personal, and predominantly unsecure, devices. While the increases in such attacks have primarily arisen in Italy, they are likely to take place in other countries as COVID-19 continues to spread worldwide.

Insurance organisation Beazley also reports that it saw an increase in 2019 and 2020 of its policyholders being victim to cyberattacks. Many business operations came to a standstill during the attacks and ransoms demanded by malicious actors skyrocketed, reaching seven or eight figures! Beazley also notes that scammers have been using ransomware variants alongside banking trojans during the pandemic. This two-pronged approach has the ability to encrypt, access and steal an organisation’s data for the purposes of a ransom.

The message from these reports is clear. All organisations should be continuously reminding their employees and contractors of their security and data protection protocols, as well as making sure that the security measures are actively working to prevent coronavirus-related scams. Organisations should also update and refresh their employee training to provide employees with the tools to mitigate the heightened risks. 

Copyright 2023 K & L GatesNational Law Review, Volume X, Number 85

About this Author

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

Senior Attorney

Ms. Aggromito is a senior lawyer in the lawyer in the Melbourne commercial technology and sourcing team focusing on IT, privacy and data protection.

Rebecca Gill Commercial Technology and Sourcing Lawyer Melbourne K&L Gates

Ms. Gill is a lawyer in our Corporate and Transactional team at the Melbourne office.

Primary Practice

Commercial Technology and Sourcing


  • J.D., Melbourne School of Law University of Melbourne, 2018
  • B.A., University of Melbourne, 2014
  • Certificate I in Vocational Preparation, Australian Employment and Training Solutions, 2014