The novel coronavirus has made an impact on virtually every aspect of our lives. The current study utilizes secondary data to identify patterns and trends related to shifting crime from the physical to the cyber domain. With millions, if not billions, people staying at home, attackers now look for new ways to commit crimes. Our findings indicate that while a lot of crimes such as robbery, assault, rape, and murder have declined at the beginning of the pandemic, we are also witnessing a rise in cybercrime, vehicle theft, and domestic violence. The current study looks specifically at phishing and what new trends are observed due to COVID-19. The current work is grounded in routine activity theory and demonstrates its relevance to both the physical and cyberspace. The implications of our work can be used by scholars who want to continue researching this new phenomenon. Practitioners can utilize our findings to look for ways to improve the corporate security posture by protecting the employees and customers working from home. Developing new phishing training and awareness programs should be focused around possible scenarios involving COVID-19. Our study suggests victims are more likely to fall prey to those during times of fear and uncertainty like the current pandemic.

Cybercrime; Phishing; COVID-19; Pandemic; Coronavirus; Routine Activity Theory

Birk, D., Gajek, S., Grobert, F., & Sadeghi, A.-R. (2007). Phishing phishers-observing and tracing organized cybercrime. Second International Conference on Internet Monitoring and Protection (ICIMP 2007), 1-5 July 2007, San Jose, CA, USA. https://doi.org/10.1109/ICIMP.2007.33

Brantingham, P., & Brantingham, P. (2013). Crime pattern theory. In Environmental criminology and crime analysis (pp. 100-116). Willan. https://doi.org/10.4324/9780203118214-13

Brenner, S. W. (2006). Cybercrime jurisdiction. Crime, law and social change, 46(4-5), 189-206. https://doi.org/10.1007/s10611-007-9063-7

Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American sociological review, 588-608. https://doi.org/10.2307/2094589

Cornish, D., & Clarke, R. (1985). Rational choice theory: Chapter.

Cyber Fraud Task Force Bulletin: Sharing News Among Our Law Enforcement and Industry Partners. (2020).

Dhamija, R., Tygar, J. D., & Hearst, M. (2006). Why phishing works. Proceedings of the SIGCHI conference on Human Factors in Computing Systems, April 22-27, 2006, Montréal, Canada. https://doi.org/10.1145/1124772.1124861

Furnell, S., Bryant, P., & Phippen, A. D. (2007). Assessing the security perceptions of personal Internet users. Computers & Security, 26(5), 410-417. https://doi.org/10.1016/j.cose.2007.03.001

Grabosky, P. (2015). Organized cybercrime and national security. In Cybercrime Risks and Responses (pp. 67-80). Springer. https://doi.org/10.1057/9781137474162_5

Groff, E. R. (2007). Simulation for theory testing and experimentation: An example using routine activity theory and street robbery. Journal of Quantitative Criminology, 23(2), 75-103. https://doi.org/10.1007/s10940-006-9021-z

Holt, T. J., & Bossler, A. M. (2008). Examining the applicability of lifestyle-routine activities theory for cybercrime victimization. Deviant Behavior, 30(1), 1-25. https://doi.org/10.1080/01639620701876577

Jansen, J., & Leukfeldt, R. (2016). Phishing and malware attacks on online banking customers in the Netherlands: A qualitative analysis of factors leading to victimization. International Journal of Cyber Criminology, 10(1), 79.

Jennings, W. G., Higgins, G. E., Tewksbury, R., Gover, A. R., & Piquero, A. R. (2010). A longitudinal assessment of the victim-offender overlap. Journal of Interpersonal Violence, 25(12), 2147-2174. https://doi.org/10.1177/0886260509354888

Jian, J., Chen, S., Luo, X., Lee, T., & Yu, X. (2020). Organized Cyber-Racketeering: Exploring the Role of Internet Technology in Organized Cybercrime Syndicates Using a Grounded Theory Approach. IEEE Transactions on Engineering Management. https://doi.org/10.1109/TEM.2020.3002784

Jones, A., & Bugge, C. (2006). Improving understanding and rigour through triangulation: an exemplar based on patient participation in interaction. Journal of advanced nursing, 55(5), 612-621. https://doi.org/10.1111/j.1365-2648.2006.03953.x

Kigerl, A. (2012). Routine activity theory and the determinants of high cybercrime countries. Social science computer review, 30(4), 470-486. https://doi.org/10.1177/0894439311422689

Kirda, E., & Kruegel, C. (2006). Protecting users against phishing attacks. The Computer Journal, 49(5), 554-561. https://doi.org/10.1093/comjnl/bxh169

Konradt, C., Schilling, A., & Werners, B. (2016). Phishing: An economic analysis of cybercrime perpetrators. Computers & Security, 58, 39-46. https://doi.org/10.1016/j.cose.2015.12.001

Lastdrager, E. E. (2014). Achieving a consensual definition of phishing based on a systematic review of the literature. Crime Science, 3(1), 9. https://doi.org/10.1186/s40163-014-0009-y

Laszka, A., Johnson, B., Schöttle, P., Grossklags, J., & Böhme, R. (2013). Managing the Weakest Link. In Computer Security-ESORICS 2013 (pp. 273-290). Springer. https://doi.org/10.1007/978-3-642-40203-6_16

Leukfeldt, E. R., & Yar, M. (2016). Applying routine activity theory to cybercrime: A theoretical and empirical analysis. Deviant Behavior, 37(3), 263-280. https://doi.org/10.1080/01639625.2015.1012409

Lusthaus, J. (2013). How organised is organised cybercrime? Global Crime, 14(1), 52-60. https://doi.org/10.1080/17440572.2012.759508

Marcum, C. D., Higgins, G. E., Freiburger, T. L., & Ricketts, M. L. (2014). Exploration of the cyberbullying victim/offender overlap by sex. American Journal of Criminal Justice, 39(3), 538-548. https://doi.org/10.1007/s12103-013-9217-3

McManus, S. (2011). Hope, fear, and the politics of affective agency. Theory & Event, 14(4). https://doi.org/10.1353/tae.2011.0060

Okoye, E. I., & Gbegi, D. (2013). Forensic accounting: A tool for fraud detection and prevention in the public sector.(A study of selected ministries in Kogi state). Okoye, EI & Gbegi, DO (2013). Forensic Accounting: A Tool for Fraud Detection and Prevention in the Public Sector.(A Study of Selected Ministries in Kogi State). International Journal of Academic Research in Business and Social Sciences, 3(3), 1-19.

Petty, R. E., & Briñol, P. (2015). Emotion and persuasion: Cognitive and meta-cognitive processes impact attitudes. Cognition and Emotion, 29(1), 1-26. https://doi.org/10.1080/02699931.2014.967183

Reyns, B. W. (2013). Online routines and identity theft victimization: Further expanding routine activity theory beyond direct-contact offenses. Journal of Research in Crime and Delinquency, 50(2), 216-238. https://doi.org/10.1177/0022427811425539

Reyns, B. W. (2015). A routine activity perspective on online victimisation. Journal of Financial Crime, 22(4), 396-411. https://doi.org/10.1108/JFC-06-2014-0030

Robinson, M. B. (1999). Lifestyles, routine activities, and residential burglary victimization. Journal of Crime and Justice, 22(1), 27-56. https://doi.org/10.1080/0735648X.1999.9721081

Sarno, D. M., Lewis, J. E., Bohil, C. J., & Neider, M. B. (2019). Which Phish Is on the Hook? Phishing Vulnerability for Older Versus Younger Adults. Human factors. https://doi.org/10.1177/0018720819855570

Shelley, L. I. (2003). Organized crime, terrorism and cybercrime. Security sector reform: Institutions, society and good governance, 303-312.

Smith, R. (2009). Understanding entrepreneurial behaviour in organized criminals. Journal of Enterprising Communities: People and Places in the Global Economy. https://doi.org/10.1108/17506200910982019

Sood, A. K., & Enbody, R. J. (2013). Crimeware-as-a-service-a survey of commoditized crimeware in the underground market. International journal of critical infrastructure protection, 6(1), 28-38. https://doi.org/10.1016/j.ijcip.2013.01.002

Tewksbury, R., & Mustaine, E. E. (2003). College students' lifestyles and self-protective behaviors: Further considerations of the guardianship concept in routine activity theory. Criminal Justice and Behavior, 30(3), 302-327. https://doi.org/10.1177/0093854803030003003

Van Wegberg, R., Tajalizadehkhoob, S., Soska, K., Akyazi, U., Ganan, C. H., Klievink, B., Christin, N., & Van Eeten, M. (2018). Plug and prey? Measuring the commoditization of cybercrime via online anonymous markets. 27th USENIX Security Symposium, 15-17 August, 2018, Baltimore, MD, USA.

Watson, M. (2005). Environmental crime in the United Kingdom. Eur. Envtl. L. Rev., 14, 186.

Wehinger, F. (2011). The Dark Net: Self-regulation dynamics of illegal online markets for identities and related services. 2011 European Intelligence and Security Informatics Conference, September 12-14, 2011, Athens, Greece. https://doi.org/10.1109/EISIC.2011.54

Weulen Kranenbarg, M., Holt, T. J., & van Gelder, J.-L. (2019). Offending and victimization in the digital age: Comparing correlates of cybercrime and traditional offending-only, victimization-only and the victimization-offending overlap. Deviant Behavior, 40(1), 40-55. https://doi.org/10.1080/01639625.2017.1411030

Yar, M. (2005). The Novelty of 'Cybercrime' An Assessment in Light of Routine Activity Theory. European Journal of Criminology, 2(4), 407-427. https://doi.org/10.1177/147737080556056

Yip, M., Shadbolt, N., Tiropanis, T., & Webber, C. (2012). The digital underground economy: A social network approach to understanding cybercrime.