I hope it will amount to something
Maybe governments will make an effort to increase blocking of bot traffic or somesuch, I really haven't a clue what they can do though. Spam and phishing is only malware when it reaches the endpoint, when it's on its way there's next to no way to tell.
Yesterday, I received the laptop from my friend the postman. It was sent by a customer so that I can work on a project on their servers in a secure VM configured by them. Coincidentally, I also received a mail telling me that my package was waiting for me and there was a €2 transport charge to pay. With a friendly link, of course.
Out of sheer habit I checked the URL of the link, which immediately made me suspicious because of the strange name that had nothing to do with the company that the mail alleged to represent. Then logic kicked in and I realized that, even if there is a transport charge to pay, it's my customer that should pay it, not me. Finally I trashed the mail and thought nothing more of it.
But I am certain that such a mail would make many a person click on the link and just follow instructions blindly. Especially these days where Amazon is becoming king of the hill. Now transport that kind of attack to a hospital environment, with a nurse that has a thousand other things to do and just wants this mail out of the way. It's easy to hack hospitals, they are trying to save people, not computer hardware. They already have their minds full of medical knowledge, cramming security procedures on top is a nuisance they don't have time for.
I don't know what the solution is. Maybe a filter machine that all email is sent to by default before a human checks that it is legit and lets it continue to its intended recipient ? Put a fancy statistical analysis machine with oh-so-vaunted "machine learning" and maybe something automated could be tuned to be useful.