- The newest Echo Show 8 just hit its lowest price ever for Black Friday
- 기술 기업 노리는 북한의 가짜 IT 인력 캠페인··· 데이터 탈취도 주의해야
- 구글 클라우드, 구글 워크스페이스용 제미나이 사이드 패널에 한국어 지원 추가
- The best MagSafe accessories of 2024: Expert tested and reviewed
- Threads will show you more from accounts you follow now - like Bluesky already does
Hackers using omicron, COVID-19 phishing emails to target universities
Threat actors are increasingly using phishing emails related to the COVID-19 pandemic and the new omicron variant to target universities and steal login credentials, new research published Tuesday found.
According to a report from cybersecurity group Proofpoint, hackers have targeted dozens of mostly North American educational institutions, including Vanderbilt University and the University of Central Missouri, with thousands of malicious phishing emails in an attempt to harvest university credentials.
“Proofpoint observed COVID-19 themes impacting education institutions throughout the pandemic, but consistent, targeted credential theft campaigns using such lures targeting universities began in October 2021,” the report reads. “Following the announcement of the new Omicron variant in late November, the threat actors began leveraging the new variant in credential theft campaigns.”
The emails often imitate the targeted university’s login page, tricking victims into logging into their accounts by sending emails pretending to have university information on the ongoing pandemic.
In some cases, the threat actors have used legitimate compromised university websites in the phishing emails, with the report noting that “it is likely the threat actors are stealing credentials from universities and using compromised mailboxes to send the same threats to other universities.”
Proofpoint is not able to attribute the activity to any specific group, and was not certain what the motivation behind the attacks was.
The threat activity is likely to get worse following the holiday season, the report warned, with students traveling and exposed to the threat of COVID-19 and the omicron variant spreading giving a greater opening to the hackers.
“We expect more threat actors will adopt COVID-19 themes given the introduction of the Omicron variant,” the report reads.
The COVID-19 pandemic has been exploited from the beginning by hackers as a way to target Americans and others around the world, with email phishing campaigns often seizing on major news targets.
Universities and K-12 organizations have also become key targets, as classes have moved online due to the pandemic and hackers have been more easily able to disrupt learning and hold educational institutions to ransom, with the University of California system and Howard University among those impacted by ransomware attacks in the past year.