Join Login

Photo by Richard Hurd

ALERT: Coronavirus email scam spreading malware

Infosec warns against clicking on phishing attempts

MADISON, Wis., Feb. 3, 2020 — Cybercriminals are now exploiting the intense interest and fear of the coronavirus outbreak to spread fake email messages containing malicious computer viruses and malware.

Infosec, a leader in cybersecurity education and security awareness training, warns as the coronavirus infection spreads, bad actors will try to capitalize on the terror and panic caused by the global outbreak.

“We can expect to see phishing emails containing malware in the U.S. soon,” said Jack Koziol, CEO and founder of Infosec. “Unfortunately, it’s not uncommon for cybercriminals to use high interest, high concern events as a method of tricking people into clicking on links and documents that then unleash viruses and malware into their systems.”

The emails are currently being seen in Japan, according to a report released by cybersecurity firm Kaspersky and IBM. This tactic can be expected to spread to the U.S and other countries as the number of confirmed cases increases.

“Everyone should be on the alert for these emails during the coming days and weeks,” Koziol added. “The elderly are often targeted with these types of scams, but it’s also possible for businesses to be targeted under the guise of tips for keeping employees and customers safe.”

The fake emails in Japan appear to be sent by a disability welfare service provider and include information indicating cases have been discovered in the recipient’s region. The emails also include an attached Word document masked as offering updates and health information.  Opening the attachment unleashes the malware, according to IBM.

Additional tips for detecting phishing email:
•           Numerous misspellings and grammar mistakes.
•           A false air of urgency for you to click immediately on attachments.
•           The URL may be different or slightly altered from a legitimate business represented as the sender.
•           Requests for personal information, such as bank account and credit card numbers for “verification purposes.” Reputable organizations never ask for this.

The virus was first reported in Wuhan, China, in December 2019. More than 9,600 infections are confirmed worldwide. Eleven cases are currently confirmed positive in the U.S. All of those cases are imported from other countries. There is a report of one person-to-person coronavirus spread in the U.S., according to the Centers for Disease Control and Prevention (CDC).


About Infosec

Infosec has been fighting cybercrime since 2004. Thousands of organizations and over 2.68 million learners trust the wide range of security-specific classes and enterprise security awareness and phishing training to stay a step ahead of the bad guys. Infosec IQ, Infosec Flex and Infosec Skills provide the most advanced and comprehensive education and training platforms. Founded by CEO Jack Koziol, Infosec is based in Madison, with offices in Chicago and Dulles, Virginia. Learn more at