Hackers Have Exploited The Queen’s Death

Uploaded on 2022-10-02 in GOVERNMENT-National, FREE TO VIEW

Hackers are taking advantage of the outpouring of condolences for the late British monarch Queen Elizabeth II to launch a phishing attack and surreptitiously gain access to the Microsoft accounts of unsuspecting victims, cybersecurity researchers at Proofpoint revealed.

During this period following the death of Her Majesty the Queen, including her Lying-in-State and State Funeral, there has been an increase in phishing emails and other scams. Threat actors have been capitalising on the death of Queen Elizabeth II to lure targets into clicking on phishing links that request Microsoft credentials. 

Experts at Proofpoint posted a screenshot that revealed the phishing emails appear as though they are being sent from the tech giant itself. The headline claims to pay tribute to the late Queen Elizabeth with an interactive AI memory board.

Proofpoint identified a credential phishing campaign using lures related to Her Majesty Queen Elizabeth II. Messages purported to be from Microsoft and invited recipients to an “artificial technology hub” in her honor. With the headline “In Memory of Her Majesty Queen Elizabeth II,” it claimed that Microsoft is launching an “interactive AI memory board” in her honor and needs “the assistance of our users” to make it work.

To take part in the ‘Elizabeth II Memory Board’ the recipient is urged to click on a button embedded in the email, which will take them to a page prompting them to enter their email credentials. It also features a capability to bypass multi-factor authentication (MFA), Proofpoint warned.

“EvilProxy is a #MITM [man-in-the-middle] phishing framework that uses a reverse proxy to customize landing pages for each recipient and collect credentials and bypass #MFA protection,” Proofpoint said of the infrastructure used to deploy the campaign. “The kit is relatively new and is available for sale on exploit forums.”

However, to take part in the fraudulent memory board, users must click the link embedded in the email. This link takes users to a phished site that prompts users to enter their Microsoft credentials. The site also features a capability to bypass multi-factor authentication, according to Proofpoint.

Major news stories are typically capitalised by threat actors to lure victims into falling for phishing schemes. In this case, instead of inducing urgency, the phishers are capitalizing on grief, concern, and sadness brought on by the Queen’s death.

These themes could continue to pop up in various phishing campaigns and cyber security risks as threat actors continue to find new ways to lure victims.

The phishing campaign was spotted a day after the UK's National Cyber Security Centre (NCSC) warned there might be an increase in phishing emails and other scams related to the queen during national mourning and the UK’s National Cyber Security Centre warned users to expect a surge in phishing attempts related to the Queen’s death.

Proopoint:     NCSC:     Oodaloopp:     Threat Insight:      VPN Review:     Microsoft

You Might Also Read: 

Microsoft Warning - Windows Flaw Being Attacked:

 

« Vulnerabilities In Airline WiFi Devices Expose Passenger Data
Google Loses Its Appeal & Must Pay €4.1Billion EU Penalty »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Ixia

Ixia

Ixia provides testing, visibility, and security solutions to strengthen applications across physical and virtual networks.

Centripetal Networks

Centripetal Networks

Centripetal Networks was founded with one vision - to protect networks from advanced threats by simplifying intelligence-driven security.

PlainID

PlainID

PlainID provides IAM teams with a simple and intuitive means to control their organization’s entire authorization process.

Circadence

Circadence

Circadence offer the only fully immersive, AI-powered, patent-pending, proprietary cybersecurity training platform in the market today.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

MicroEJ

MicroEJ

MicroEJ is a software vendor of cost-driven solutions for embedded and IoT devices.

Swiss Cyber Institute (SCI)

Swiss Cyber Institute (SCI)

The Swiss Cyber Institute is a registered cyber security education provider by the State Secretariat for Education, Research, and Innovation SERI.

Cyber Defense Technologies (CDT)

Cyber Defense Technologies (CDT)

Cyber Defense Technologies provides services and turn-key solutions to secure and maintain the integrity of your organization’s systems and data against attacks.

Kingston Technology

Kingston Technology

Kingston is a leading global manufacturer of memory and storage solutions including encrypted storage solutions to protect data inside and outside the firewall.

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startups Association is an umbrella organization that aims to promote, support and represent the interests of tech startups in Romania.

Kralos

Kralos

Kralos are an experienced team of Software and IT experts, specialized in the development of innovative cybersecurity solutions.

Axient

Axient

Axient advances defense and civilian missions from aerospace to cyberspace with multi-domain test and analysis, mission engineering and operations, and advanced technologies.

Framework Security

Framework Security

With Framework Security, you get more than a consultancy; you get a partner dedicated to simplifying cybersecurity and protecting your business in the most efficient way possible.

Coastline Cybersecurity

Coastline Cybersecurity

Coastline Cyber is a cybersecurity consulting firm dedicated to helping organizations strengthen their security posture by reducing risks, mitigating threats, and protecting against attacks.

CyberNut

CyberNut

CyberNut are a security awareness training solution built exclusively for schools.

Nothreat

Nothreat

Nothreat has revolutionized how businesses like yours protect themselves from damaging cyber attacks. Our tech learns and adapts in real time, protecting clients from even zero-day attacks.