WASHINGTON (TND) — Hackers have begun leveraging increased COVID-19 vigilance around the omicron variant to trick unsuspecting college students into giving them their university log-in credentials.
Staff and students’ focus on their college’s COVID-19 messaging, such as testing protocols, has been taken advantage of by malicious actors throughout the pandemic. Now, with concerns over the new omicron variant growing, research suggests an increase in email threats targeting primarily North American universities.
Last month, around 40,000 people across the University of Toronto community received scam emails purporting to be from the university’s “COVID-19 Support Team,” which doesn’t even exist, according to a warning published by the school’s information security education and awareness team.
University at Buffalo Police warned just last week of a phishing attack on many people in its community, which used emails containing an attachment that purported to include COVID-19 testing results.
Cybersecurity firms have been warning of phishing scams using COVID-19 themes since March 2020.
Research from cybersecurity firm Proofpoint, Inc. says the scams will likely surge during the holidays “as colleges and universities provide and require testing for students, faculty, and other workers traveling to and from campus during and after the holiday season, and as the omicron variant emerges more widely.”
The group’s assessment is based on previously published research from August, which found a resurgence in coronavirus-themed threats as the global concern surrounding the Delta variant grew. Previously, coronavirus-themed threat campaigns saw a lull during the spring and early summer of 2021, according to Proofpoint.
Proofpoint said it found the coronavirus-themed threat campaigns involving the omicron variant have resulted in thousands of messages targeting dozens of North American universities.
While a variety of techniques have been used, the fake messages often contain attachments or web links “intended to harvest credentials for university accounts,” according to Proofpoint. “The landing pages typically imitate the university’s official login portal, although some campaigns feature generic Office 365 login portals,” the cybersecurity firm said. “In some cases, such as the omicron variant lures, victims are redirected to a legitimate university communication after credentials are harvested.”