Hackers Have Exploited The Queen’s Death

Uploaded on 2022-10-02 in GOVERNMENT-National, FREE TO VIEW

Hackers are taking advantage of the outpouring of condolences for the late British monarch Queen Elizabeth II to launch a phishing attack and surreptitiously gain access to the Microsoft accounts of unsuspecting victims, cybersecurity researchers at Proofpoint revealed.

During this period following the death of Her Majesty the Queen, including her Lying-in-State and State Funeral, there has been an increase in phishing emails and other scams. Threat actors have been capitalising on the death of Queen Elizabeth II to lure targets into clicking on phishing links that request Microsoft credentials. 

Experts at Proofpoint posted a screenshot that revealed the phishing emails appear as though they are being sent from the tech giant itself. The headline claims to pay tribute to the late Queen Elizabeth with an interactive AI memory board.

Proofpoint identified a credential phishing campaign using lures related to Her Majesty Queen Elizabeth II. Messages purported to be from Microsoft and invited recipients to an “artificial technology hub” in her honor. With the headline “In Memory of Her Majesty Queen Elizabeth II,” it claimed that Microsoft is launching an “interactive AI memory board” in her honor and needs “the assistance of our users” to make it work.

To take part in the ‘Elizabeth II Memory Board’ the recipient is urged to click on a button embedded in the email, which will take them to a page prompting them to enter their email credentials. It also features a capability to bypass multi-factor authentication (MFA), Proofpoint warned.

“EvilProxy is a #MITM [man-in-the-middle] phishing framework that uses a reverse proxy to customize landing pages for each recipient and collect credentials and bypass #MFA protection,” Proofpoint said of the infrastructure used to deploy the campaign. “The kit is relatively new and is available for sale on exploit forums.”

However, to take part in the fraudulent memory board, users must click the link embedded in the email. This link takes users to a phished site that prompts users to enter their Microsoft credentials. The site also features a capability to bypass multi-factor authentication, according to Proofpoint.

Major news stories are typically capitalised by threat actors to lure victims into falling for phishing schemes. In this case, instead of inducing urgency, the phishers are capitalizing on grief, concern, and sadness brought on by the Queen’s death.

These themes could continue to pop up in various phishing campaigns and cyber security risks as threat actors continue to find new ways to lure victims.

The phishing campaign was spotted a day after the UK's National Cyber Security Centre (NCSC) warned there might be an increase in phishing emails and other scams related to the queen during national mourning and the UK’s National Cyber Security Centre warned users to expect a surge in phishing attempts related to the Queen’s death.

Proopoint:     NCSC:     Oodaloopp:     Threat Insight:      VPN Review:     Microsoft

You Might Also Read: 

Microsoft Warning - Windows Flaw Being Attacked:

 

« Vulnerabilities In Airline WiFi Devices Expose Passenger Data
Google Loses Its Appeal & Must Pay €4.1Billion EU Penalty »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

Safe Security

Safe Security

Safe Security (formerly Lucideus) provides Cyber risk assessment services and platforms to multiple Fortune 500 companies and governments across the globe.

Consortium for Information & Software Quality (CISQ)

Consortium for Information & Software Quality (CISQ)

The mission of CISQ is to develop international standards for software quality and to promote the development and sustainment of secure, reliable, and trustworthy software.

DataDome

DataDome

DataDome offers real-time AI protection against all OWASP automated threats, including credential stuffing, layer 7 DDoS attacks, SQL injection & intensive scraping.

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF) of Armenia is one of the largest technology business incubators and IT development agencies in the region.

TierPoint

TierPoint

TierPoint delivers secure, reliable, and connected infrastructure solutions at the internet’s edge. We meet you where you are in your journey to solve for data storage, compute, and recovery.

Epiphany Systems

Epiphany Systems

Epiphany enhances your defensive security controls by providing you with an offensive perspective. We expose the most likely attack paths to your most critical IT assets and users.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

Tailscale

Tailscale

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly.

Computacenter

Computacenter

Computacenter is a leading independent technology partner, trusted by large corporate and public sector organisations. We help our customers to source, transform and manage their IT infrastructure.

Three Wire Systems

Three Wire Systems

Three Wire is a leader in innovative and efficient technology solutions for government agencies and large enterprise corporations.

Lasso Security

Lasso Security

Lasso Security is a pioneer cybersecurity company ensuring comprehensive protection for businesses leveraging generative AI and other large language model technologies.

GitLab

GitLab

GitLab is a complete DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate and build software.

Robust Intelligence

Robust Intelligence

Robust Intelligence enables enterprises to secure their AI transformation with an automated solution to protect against security and safety threats.

Loccus AI

Loccus AI

Loccus are developers of AI solutions in the voice safety space. We build identity verification solutions, deepfake detection systems and fraud protection products for companies and end-users.

Hakware

Hakware

Hakware is a next-generation Security Management solution offering a comprehensive OneView of your entire IT and security environment.