Hackers using concern about Omicron strain of COVID-19 to attack US universities

Researchers with cybersecurity firm Proofpoint have discovered a new phishing attack leveraging concern about the spread of the Omicron strain of COVID-19 to steal credentials and gain access to accounts at several prominent universities in the US. 

The emails — part of an attack that Proofpoint researchers said began in October but increased in November — generally contain information about COVID-19 testing and the new Omicron variant.

Cybercriminals and threat actors have used concern about COVID-19 as a phishing lure since the pandemic began to cause headlines in January and February of 2020.  

But with this specific attack, cybercriminals are spoofing the login portals of schools like Vanderbilt University, the University of Central Missouri and more. Some mimic generic Office 365 login portals while others use legitimate-looking university pages.

“It is likely this activity will increase in the next two months as colleges and universities provide and require testing for students, faculty, and other workers traveling to and from campus during and after the holiday season, and as the Omicron variant emerges more widely,” the Proofpoint researchers wrote. 

“We expect more threat actors will adopt COVID-19 themes given the introduction of the Omicron variant. This assessment is based on previously published research that identified

Read More: https://www.zdnet.com/article/hackers-using-concern-about-omicron-strain-of-covid-19-to-attack-us-universities/#ftag=RSSbaffb68