The Australian government’s passage of new coronavirus-era financial regulations and massive social-welfare programs is giving cyber criminals a whole new playbook to draw from — and creating new risks for CSOs — as they ramp up their targeting of anxious citizens in home isolation.

With the COVID-19 pandemic likely to persist for many months yet, CSOs should assume that their companies will face increased levels of themed phishing attacks — particularly as successive Australian government policies drive further surges in exploitation of COVID-19 fears. By leveraging existing and emerging security tools to bolster corporate defences, CSOs can build up a corporate immunity to last through these challenging times.

Latest scams prey on COVID-19 relief legislation

So many phone and phishing scammers have been actively exploiting recent changes to superannuation policies — which allow citizens to take out $10,000 from their superannuation retirement savings early without penalty — that the Australian Competition & Consumer Commission (ACCC) was forced to issue a formal warning about the rapidly escalating practice.

Some 87 scam reports had been formally lodged with the government’s ScamWatch service since mid-March, the ACCC said, but actual volumes would likely be orders of magnitude higher as COVID-19 related scams continue to spread.

“For most people, outside of their home, superannuation is their greatest asset and you can’t be too careful about protecting it,” ACCC deputy chair Delia Rickard said. “The Australian Taxation Office is coordinating the early release of super through myGov and there is no need to involve a third party or pay a fee to get access under this scheme.”

Superannuation is regularly targeted by scammers and cyber criminals, with more than $6 million lost to such scams last year alone.

Another major policy change is likely to see a similar resurgence in policy-related scams after legislation for the unprecedented JobKeeper program — which will pay employers the funds to keep their staff in jobs for the next six months — passed Australia’s Parliament earlier this month in an extraordinary session that saw MPs recalled to Canberra from around the country.

Amidst a flood of new information about entitlements and obligations, CSOs should already be working proactively to warn employees — most of whom are likely now working from home and may be outside of the normal protections of email spam filters — about the likelihood of increased scams, phishing emails, and extortion attempts.

COVID-19 threats “continue to represent a significant portion of the threat landscape,” Proofpoint Australia and New Zealand country head Crispin Kerr said in a statement. “We’ve already seen threat actors use the promise of COVID-19 payments to target consumers.”

Proofpoint, like other security firms, has been observing targeted phishing campaigns such as a series of phishing emails purporting to be from a major Australian newspaper — but actually sent by a Romanian address and containing a PDF file with Microsoft OneDrive branding that requests OneDrive credentials.

Another campaign purports to come from a World Health Organisation (WHO) and International Monetary Fund (IMF) ‘relief compensation’ organisation but also contains an Excel attachment that collects user emails and passwords.

Cyber criminals “know people are looking for COVID-19 information out of concern for their safety and financial wellbeing,” Kerr said, “and that consumers are more likely to click on potentially malicious links, download nefarious attachments, or provide their personal information if related to the pandemic.”

CSOs need to implement DMARC on their network gateways

CSOs in Australia and elsewhere should “be more aggressive in blocking potentially malicious emails and websites from their network gateway,” Australian Cyber Security Centre (ACSC) acting head Karl Hanmore said in recently issuing an extensive warning about the need to be more vigilant against COVID-19 related exploitation.

Recent weeks have seen thousands of COVID-19 related websites being registered — one study by Atlas VPN placed the number at more than 35,500 — with the ACSC flagging concerns about efforts by malicious European, Asian and African cyber actors “seeking to exploit Australians during this difficult time.”

A proactive response has seen the ACSC reaching out to domain registrars here and overseas, as well as telecommunications providers, to block or disrupt their activities — but the cyber criminals were rapidly responding, moving to new malicious websites or adopting new personae such as emulating the Australian government’s core myGov digital-government site.

Heavy spoofing of the World Health Organisation (WHO), which Sophos among others has been observing for many weeks already, has led the organisation to post a warning for users to be careful — and security researchers at firms like Valimail to note that the WHO has still not implemented Domain-based Message Authentication, Reporting and Conformance (DMARC) technology that can block a high level of domain spoofing.

DMARC — which has been explicitly recommended for all organisations in a how-to guide published by the Australian Signals Directorate — has been slowly adopted in Australia as elsewhere.

Although DMARC has been around for many years, just 39 ASX100 companies were found to have implemented it — a steep increase over previous years but still far short of ubiquity.

Surges in exploitation of IP addresses and domain names have driven the launch of proactive new security tools from the likes of Heficed, which this month supplemented its managed services with a fast-tracked abuse-prevention capability that can shut down cyber crime-related IP addresses as soon as they are reported.

Even more evil acts on the dark web

The explosion of new attacks is about much more than just Australianised scams and phishing emails, however: Darknet data analysis firm DarkOwl, for one, has observed online dark web markets claiming to sell virus-infected blood, facemasks, and other products. More recently, the firm observed offers of an Israel-developed ‘coronavirus vaccine’ of which ten 20mL vials were supposedly available.

Cyber criminals have become so enthusiastic about planting malware on fake coronavirus sites — and luring unsuspecting victims with promises of vaccines — that some domain-name registrars have banned registration of new domains containing the words ‘coronavirus’ and ‘vaccine’.
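
Returning to the DMARC recommendation above: a domain can publish a DMARC record and still leave spoofed mail unblocked if the policy is set to monitor only. The following added example (not part of the original article or any vendor's tooling) grades DMARC TXT records by enforcement strength; the records and the function names `parse_dmarc` and `assess` are constructed for illustration, and in practice the input would be the TXT record at `_dmarc.<domain>`.

```python
# Added example: grade DMARC TXT records by how strongly they enforce.
# SAMPLES are constructed records for reserved example domains, not real DNS data.
SAMPLES = {
    "example.org": "v=DMARC1; p=none; rua=mailto:dmarc@example.org",
    "example.com": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com",
    "example.net": "v=DMARC1; p=quarantine; pct=25; sp=none",
    "example.edu": "p=reject; v=DMARC1",  # malformed: v= must come first
}
POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(txt):
    """Split a DMARC record into a tag dict; raise ValueError if malformed."""
    tags = {}
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    for i, part in enumerate(parts):
        key, sep, value = part.partition("=")
        key, value = key.strip().lower(), value.strip()
        if not sep or not key:
            raise ValueError(f"malformed tag {part!r}")
        if i == 0 and (key, value) != ("v", "DMARC1"):
            raise ValueError("record must start with v=DMARC1")
        tags.setdefault(key, value)  # this example keeps the first copy of a repeated tag
    if not tags:
        raise ValueError("empty record")
    return tags

def assess(txt):
    """Return (verdict, notes); verdict is enforcing, partial, monitor-only or invalid."""
    try:
        tags = parse_dmarc(txt)
        pct = int(tags.get("pct", "100"))  # pct defaults to 100 when absent
    except ValueError as exc:
        return "invalid", [str(exc)]
    policy = tags.get("p", "").lower()
    if policy not in POLICIES or not 0 <= pct <= 100:
        return "invalid", ["missing or bad p=/pct= value"]
    notes = [] if "rua" in tags else ["no rua=: aggregate reports are not collected"]
    if policy == "none":
        return "monitor-only", notes + ["p=none: receivers are asked to take no action"]
    verdict = "enforcing"
    if pct < 100:
        verdict = "partial"
        notes.append(f"pct={pct}: policy applies to only part of failing mail")
    if tags.get("sp", policy).lower() == "none":  # sp defaults to p
        verdict = "partial"
        notes.append("sp=none: subdomains are left unenforced")
    return verdict, notes

if __name__ == "__main__":
    for domain, record in SAMPLES.items():
        print(domain, *assess(record))
```

Only the `enforcing` verdict corresponds to the spoofing protection the article describes; `monitor-only` and `partial` records are worth tracking as work in progress.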