Good day. During what is now known as the Citrix traffic jam, remote workers in the Netherlands clogged roadways when their networking software had to be disabled after a vulnerability was discovered. WSJ Pro’s Catherine Stupp reports.

Meanwhile, companies and employees in China are realizing the huge potential of remote work, writes Steve Rosenbush as part of our coverage of the outbreak of the coronavirus.

Also today: Emcor reveals ransomware attack; email scams worse than ever, FBI says; when your mom is a prison pen tester.

January traffic jams in the Netherlands linked to software shutdown. A security vulnerability in two popular workplace applications from software firm Citrix Systems Inc. prompted the Dutch National Cyber Security Centre to advise organizations in mid-January to disable the products. Remote employees then had to drive to their offices instead of working from home. The result: traffic jams.

During what is now known as the Citrix traffic jam, remote workers in the Netherlands clogged roadways the Monday morning after several government ministries turned off the affected Citrix products, said Cees Quax, a radio traffic presenter for the Royal Dutch Touring Club, a travelers’ association that monitors traffic. Cars were especially backed up in the area around The Hague, a hub for ministries, he said.

The NCSC rated the severity of the Citrix vulnerability a 9.8 on a scale of 1 to 10 in its first alert about the problem on Jan. 14, two days before it recommended organizations disable the products.

Read the full article.

• Some U.S. companies said they could lose as much as half their annual revenue from China if the epidemic extends through the summer.  
• Banks with heavy exposure to Europe and Asia have warned their profits could be hit, and the auto industry braced for supply-chain disruptions.
• Starbucks said it had reopened hundreds of its China stores that had been closed in response to the outbreak. 
• Maritime operators are facing their biggest challenge since the financial crisis. Disruptions are likely to prolong a continuing slump in U.S. freight transport.
• Private-equity firms are adding protective clauses regarding pandemics in deal and fundraising documents.
• Companies in China are using virtual meeting and work platforms, demonstrating the huge potential for remote work.

📞 On call with WSJ: Register here for a conference call today at noon EST with Wall Street Journal editors and reporters on how global markets are reacting to the latest virus news.

For more, visit WSJ's live coverage page, which is updated regularly. Or check out our primer on what you need to know about the virus itself.

Emcor reveals ransomware attack in financial filing. Construction firm Emcor Group Inc. detected the Ryuk ransomware in its network on Feb. 15 and shut down certain technology systems to contain the malware, This Week in FM reports. Some systems have been restored and Emcor continues to serve customers, the company said Thursday in its fourth-quarter financial statement. Emcor hired an unnamed forensic firm to investigate the incident.

Email scammers are savvier—and more successful—than ever. The Federal Bureau of Investigation says the schemes are raking in almost $2 billion a year, often from organized networks in Africa, The Wall Street Journal reports. In 2019, the FBI received 23,775 complaints of business-email and email-account compromises, up from 20,373 the prior year, according to data the bureau published this month. Annual estimated losses increased as well, to more than $1.7 billion in 2019 from $1.2 billion in 2018, according to the data.

Shifting scams: Perpetrators targeted personal email addresses in 2014, pretended to be lawyers in 2015, then moved on to requests for tax information and targeting real-estate transactions, officials said. One new iteration involves fake requests to divert payroll funds.

When your mom is a pen tester. John Strand, a penetration tester with Black Hills Information Security in South Dakota, sent his mother to probe the defenses of a local correctional facility, Wired reports. Rita Strand, CFO at Black Hills, volunteered to pose as a health inspector to try to get into the prison, photograph its security mechanisms and plug USB drives into computers there, Mr. Strand relayed in a talk at the RSA Conference in San Francisco this week. The 2014 mission was a breeze for Ms. Strand, who encountered no resistance from prison officials. She was able to infect the warden’s computer with malware as well. The prison has since been closed, Mr. Strand said, declining to name it.

Write to the WSJ Pro Cybersecurity Team: Kim S. Nash, James Rundle and Catherine Stupp.

Follow us on Twitter: @knash99, @JimRundle and @catstupp. Also, @WSJCyber.

Contact Enterprise Technology Editor Steve Rosenbush at steven.rosenbush@wsj.com or follow him on Twitter: @Steve_Rosenbush.