A new phishing attack, discovered by Proofpoint, is using the Omicron variant of COVID-19 to steal students’ credentials and gain access to accounts. The threat-actors targeting US universities are leveraging the concern around the new virus strain to trick students into opening attachments that lead students to spoofed university login portals. This isn’t an entirely new tactic, as attackers have been using the virus as an attack vector since the pandemic began.
Threat-actors are using subjects lines such as “Attention required – Information Regarding COVID-19 Omicron Variant – November 29” or “COVID test” to lure their victims into opening attachments and entering their login credentials.  The researchers explained that, “in some campaigns, threat actors attempted to steal multifactor authentication (MFA) credentials, spoofing MFA providers such as Duo. Stealing MFA tokens enables the attacker to bypass the second layer of security designed to keep out threat actors who already know a victim’s username and password.”
The attackers’ end goal is still unknown, however legitimate login credentials grant them with access to an organisation’s network and infrastructure, leading to larger, more harmful attacks.
 
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance

source

You May Also Like

UK Defence Secretary warns Russia of cyber-retaliation

The UK’s Secretary of State for Defence has reportedly warned Russia that…

MageCart attacks hit hundreds of outdated Magento sites

Analysts at Sansec found the source of over 500-ecommerce stores involving a…

BitMart hacked in “large-scale security breach”

BitMart, a trusted cryptocurrency trading platform has been the latest to suffer…