The fact that government-backed groups are using COVID-19 to spread malware and snag credentials is disturbing, but it’s not surprising. This morning The New York Times reported that US officials believe China-backed operatives helped spread COVID-19 misinformation in an attempt to sow discord across the country. And we’ve already seen COVID-19 scams, like the one that may have stolen millions from the German government.

“Generally, we’re not seeing an overall rise in phishing attacks by government-backed groups; this is just a change in tactics,” Google’s TAG team wrote.

TAG has also seen an increase in cybercrime attempts on international and national health organizations, like emails that link to a domain spoofing the World Health Organization’s login page. In response, TAG is adding a higher threshold for Google Account sign in and recovery to more than 50,000 high-risk accounts.

And to support the larger security research community, Google is offering more than $200,000 in grants as part of a new Vulnerability Research Grant for COVID-19 fund. It says it expects to see new lures and schemes and will continue working to fight them.