Security researchers from Proofpoint recently uncovered a phishing campaign targeting students at U.S. universities, amid growing concerns about the Omicron variant.
According to the researchers, the main objective of this campaign, which began in October and increased in November, is to steal access data and gain access to numerous accounts at different universities in the United States.
The Proofpoint researchers stated: “In some campaigns, threat actors attempted to steal multifactor authentication (MFA) credentials, spoofing MFA providers such as Duo. Stealing MFA tokens enables the attacker to bypass the second layer of security designed to keep out threat actors who already know a victim’s username and password.”
Exploiting the growing Omicron variant of the COVID-19 virus, the attackers send phishing e-mails with links that redirect students to their University website after their login credentials have been stolen.
Some of the subject lines used by the attackers are: “Attention Required – Information Regarding COVID-19 Omicron Variant – November 29,” and “COVID test.” Proofpoint researchers noted that there will be an uptick in this type of phishing attack.