Cofense Logo - Email Security Solutions

New COVID Variant Can Lead to New Phish Themes

Share Now


Since the start of the COVID pandemic, Cofense has observed several phishing campaigns leveraging pandemic themes. Just as organizations were sending their workers to work remotely, most for the first time, attackers used those HR and policy communications. As vaccines were being rolled out, they used it. Back to the office protocols, they used it. Delta variant. Vaccine passport. We’ve seen it all. They also started just inserting the word “COVID” or “Coronavirus” into their templates to boost the likelihood of recipient interaction. And now as the new Coronavirus variant omicron moves into the headlines, it means a new variant for threat actors to update their phishing templates.

Cofense has held firm on not including these various topics in our simulation library over the past year and a half. While the pandemic has had a lasting effect on our employees, using these themes can lead to confusion as organizations try to communicate ongoing changes for the health and safety of the organization. We recommend using a newsletter, for example, to communicate to your employees about the topic. Cofense also can help with more detailed guidance.

Threat actors never stop improvising new ways to do harm. With this latest development in the pandemic’s evolution, the need for caution is difficult to overstate. We’re here to help with resources and solutions. Check out the Cofense Coronavirus Info Center and contact us to learn how we can help you stop COVID-exploiting phish.

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats. Past performance is not indicative of future results.
The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc.



We use our own and third-party cookies to enhance your experience by showing you relevant content, personalizing our communications with you, and remembering your preferences when you visit our website. We also use them to improve the overall performance of our site. You can learn more about the cookies and similar technology we use by viewing our privacy policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.

This site is registered on as a development site.