With sad predictability cybercriminals appear to be exploiting the Coronavirus outbreak that occurred in Wuhan, mainland China, and is now causing new infections around the world.
Researchers at IBM say that they have seen poisoned emails being sent to Japan, urging the recipient to open an attached Word document.
In one example the email claims that Corona virus infections have been reported in the Gifu Prefecture in Japan, and that details of infection prevention measures can be found in the attachment.
However, opening the Word document leads to a message telling the recipient to enable macros, which will ultimately mean the Emotet malware is downloaded onto the computer.
Cybercriminals are well-versed in social engineering, and realise that there are certain topics that will be more likely to trigger recipients into opening a dangerous attachment or clicking on a malicious link than others: for instance, a love letter, a missed parcel delivery, an unexpected purchase on your credit card, or a surprise parking ticket. All these disguises have been used time and time again to infect users’ computers.
Whether in this case the attackers have simply stolen existing messages from a compromised health centre in Kyoto and attached their malicious payload, or conjoured up the messages themselves, is hard to say definitively.
But it’s not really an important question. What we do know is that health advice around Coronavirus is something that will be of a great deal of interest to people in some parts of the world right now, and so these emails certainly fit the bill.
Meanwhile, in a brief blog post on its Spanish-language website, Kaspersky confirmed it had seen other malware spread via email, posing as video instructions on how members of the public could protect themselves from infection.
The malicious attachments included PDFs, MP4 movie files and Word documents.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.