To avoid phishing attacks by clicking on bad links in emails, a commonly advised strategy is to hover the over the link to check on the destination before clicking on that link. However, a recent spate of phishing attacks has targeted Office 365 customers by leading victims to a fake login page where Office 365 credentials are stolen. Bad actors have been exploiting open redirects to redirect visitors from trustworthy sites to malicious sites. Google warns that the mouse hover trick is not a reliable tool to prevent phishing.
So far this year, scammers have stolen $545 million in COVID-related fraud from Americans, according to the FTC. These scams include overcharging consumers for sought-after goods such as hand sanitizer, toilet paper, and masks and fraudulent online shopping sites that never ship the purchased goods.