Akamai researchers have seen recycled phishing kits from as far back as July being used in coronavirus-based phishing attacks now. In just the first two days of April, a full 26 domains using one of the in-use kits are in use already. The upside is that the known fingerprint of the older kits makes defenders jobs a bit easier, in theory. Cisco has been monitoring activity and has seen a significant increase in Internet requests to domains that include the past two months.
Source: https://threatpost.com/covid-19-scam-scramble-cybercrooks-recycle/154383/