Just when you thought they couldn’t get any more clever, a new phishing scam forewent the usual credential-hacking tactics in favor of something sneakier: looking a lot like Microsoft’s Office365, a household product most of us know and trust.

A shocking 25% of retailers have permanently lost critical data that has significantly impacted their company, a recent survey finds.

The latest COVID-19 scam, Microsoft warns, is a phishing hoax sent via email.

While small-time hackers are targeting personal computers, larger and more malevolent groups are thinking bigger: attacking essential organizations–like local governments, pharmaceutical organizations, medical research companies, schools, and healthcare facilities.

More than 51,000 domains have been claimed in the name of COVID-19 since it reared its ugly face just a few months ago, and according to researchers, a whopping 9% of them are under investigation for the possibility of being malicious.

Reports have recently surfaced of phishing and malware scams offering “helpful” things like: voicemails containing virus updates, natural remedies, cures, tips on disinfecting your home, and fake products to use during quarantine.

In response to COVID-19, CISA (the Cybersecurity and Infrastructure Security Agency) is urging those who’ve been sent home to work to take extra caution as they connect to their organization through VPN.