Dec 10–The Omicron strain of the coronavirus provides hackers with further cover as they launch new phishing campaigns.
Researchers have identified a fresh phishing threat that leverages concern over the spread of the Omicron variant to steal credentials, which are then used to gain illicit access into systems.
Thus far, hackers have managed to use this trick in order to attack several prominent universities in the United States.
The phishing campaign
The phishing emails used in the campaign contain information pertaining to coronavirus testing and Omicron. Although phishing lures that focus on the coronavirus have been in use since the pandemic started, recent attacks have sparked further concern.
In this campaign, threat actors exploit concern about the coronavirus and spoof the login portals of well-known universities. A handful of spoofed portals mimic generic Office 365 login portals, while others imitate legitimate-looking university-owned web pages.
Phishing campaign acceleration
Experts anticipate that spoofing of university login portals and similar attack types will only increase in coming months, especially as students and faculty return from holiday breaks and obtain coronavirus tests.
In addition, researchers have confirmed that after the discovery of the Delta variant, in August of 2021, coronavirus-themed phishing campaigns massively increased. The same is expected in relation to the Omicron variant.
What to look for
Phishing emails pertaining to Omicron have arrived with subjectlines such as “Attention Required – Information About Omicron Variant – November 30”. Other emails have started with the subjectline “COVID test”.
In some cases, experts have seen hackers add attachments to Omicron-related phishing emails. The attachments were designed to create credential capture webpages.
Beware of email hijacking
Experts assert that the same threat actors may gain access to university-owned email accounts, and leverage them to send the same exact phishing threat to other universities. The precise motive behind this attack remains unknown. Nonetheless, reaching out to university professionals while posing as colleagues or fellow academics leads an air of credibility to their threats – making it all the more likely that users will fall for them.
Phishing prevention strategies
- Numerous types of phishing attacks exist, and a large number of phishing threats arrive via email. Protect your organization by deploying email security solutions that can detect malicious attachments, links and more.
- Increase employee awareness pertaining to phishing. Communicate information about the latest phishing threats affecting your niche, and provide insights into phishing attack recognition methodologies. Further, ask your employees to report suspicious incidents to your security team.
- Consider deploying phishing attack tests within your organization. Phishing attack simulations can provide security teams with information about the effectiveness of employee awareness programs, and can help users better understand attacks.
- Implement zero-trust policies and best practices that restrict access to systems and rely on the principle of least privilege. This helps ensure that, should a cyber criminal gain access to credentials, he or she cannot necessarily access critical data on the network.
As the Omicron variant continues to hold our collective attention, remain aware of possible related phishing threats. And last, but not least, stay healthy and stay safe!
Lastly, to learn more about pressing issues in the cyber world, please join us at the premiere cyber security event of the year – CPX 360 2022. Register here.