I was going to laugh off mask sale spam like I laugh off “you’ve won a free iPhone” malvertising, but then I read these articles about state governments and hospitals buying masks with cash in the dead of night and I wonder how many hospital staff members are clicking on them.

Just another COVID-19 thing for online criminals to exploit.

And god help the hospital network admin that *blocks* them and has a hysterical team berate them for keeping them from getting PPE. Yikes yikes yikes yikes yikes

Phishing / scamming is normally effective when people are psychologically pressured to make a bad risk decision quickly without considering it rationally (because of a threat or a reward that is time sensitive and emotional) and the pandemic has made that pervasive.

We are all emotionally and intellectually compromised to some degree *all the time* now, whether we’re exhausted and stressed essential workers, or laid off and short on money, or we are home, bored, and starved for human contact.

That makes us more vulnerable to scams.

And as security professionals, absolutely all our employees and contractors are, too.