Cybercriminals are theming their malspam campaigns to take advantage of the current global pandemic. Researchers have published a report, which indicates that the majority of coronavirus and COVID-19 themed malspam, delivers infostealing malware. The malware payloads delivered changed over time and location, but the most common category which the detected malware fell into was the infostealing category. Researchers also said that weekdays are the most active for these campaigns, with campaigns frequently being launched on a Monday. Lokibot was the most common and persistent payload whereas in the North American region, the payloads tended to be more diverse with a more even spread of various infostealers. The malware noted in the various campaigns included, but is not limited to, Agent Tesla, the 404 Keylogger, Hawkeye, Lokibot, and TrickBot.