Scams that take advantage of fears about the spread of the coronavirus have mainly been aimed at consumers. However, a report today indicates criminals are also finding ways to get businesses to fall for scams as well.
Meanwhile, worries about the virus have caused Amazon to pull out of this month’s annual Mobile World Congress conference in Barcelona, the latest vendor to withdraw or scale back its appearance at the international conference.
UPDATE: The annual RSA Conference takes place the same week as Mobile World Congress. In a news release issued February 11 organizers said six of nine companies from China that signed up to exhibit at RSA Conference have canceled due to travel restrictions, as well as two speakers. In addition, what organizers said was “0.2 per cent” of the expected number registered attendees have cancelled. That would work out to 10 people.
The report from Proofpoint this morning said it has uncovered new coronavirus-themed email attacks that target manufacturing, industrial, finance, transportation, pharmaceutical, and cosmetic companies. A typical email carries the subject line “Coronavirus – Brief note for the shipping industry,” carries the message. “Hi. I thought this brief note in doc format on the Coronavirus and its impact on the Shipping industry could be of interest to you.”
The attachment is a Microsoft Word document that seeks to exploit a two-and-a-half-year-old Microsoft Office vulnerability (CVE-2017-11882) which leverages Equation Editor. Proofpoint argues using this vulnerability “likely points to its proven effectiveness in other attacks and the attacker’s belief that the industries they’re targeting are slow to deploy patches.”
If the document is opened it installs the information-stealing AZORult malware. However, Proofpoint warns it has also been used in combination with ransomware.
“People and organizations broadly should be exercising extreme caution around any emails, links or websites related to coronavirus because of the demonstrated, increased risk that attackers will seek to use concerns around it as lures,” says Proofpoint.
As for Mobile World Congress,, TechCrunch reports Amazon has decided not to participate in Mobile World Congress at the end of the month due to continued public worries about the outbreak.
The news story says other companies that have cancelled or scaled back their plans for MWC due to the outbreak include LG, NVIDIA and Ericsson.
UPDATE: On February 12 it was reported that carriers BT, Vodafone, and Deutsche Telekom as well as equipment maker Nokia have pulled out of the event.
The conference is still scheduled to go on, but the event’s organizer recently issued a new statement about the precautions it is taking. These include a ban on visitors from China’s Hubei province, where the epidemic is believed to have begun. All travellers who have been in China will need to demonstrate proof they have been outside of China 14 days prior to the event with a passport stamp or health certificate.
The statement also says without details that “temperature screening will be implemented.” Attendees will also be urged not to shake hands.