Hacker Targeting Universities Amid Omicron Concerns

Security researchers from Proofpoint recently uncovered a phishing campaign targeting students at U.S. universities, amid growing concerns about the Omicron variant.

According to the researchers, the main objective of this campaign, which began in October and increased in November, is to steal access data and gain access to numerous accounts at different universities in the United States.

The Proofpoint researchers stated: “In some campaigns, threat actors attempted to steal multifactor authentication (MFA) credentials, spoofing MFA providers such as Duo. Stealing MFA tokens enables the attacker to bypass the second layer of security designed to keep out threat actors who already know a victim’s username and password.”

Exploiting the growing Omicron variant of the COVID-19 virus, the attackers send phishing e-mails with links that redirect students to their University website after their login credentials have been stolen.

Some of the subject lines used by the attackers are: “Attention Required – Information Regarding COVID-19 Omicron Variant – November 29,” and “COVID test.” Proofpoint researchers noted that there will be an uptick in this type of phishing attack.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web