Hackers Have Exploited The Queen’s Death

Uploaded on 2022-10-02 in GOVERNMENT-National, FREE TO VIEW

Hackers are taking advantage of the outpouring of condolences for the late British monarch Queen Elizabeth II to launch a phishing attack and surreptitiously gain access to the Microsoft accounts of unsuspecting victims, cybersecurity researchers at Proofpoint revealed.

During this period following the death of Her Majesty the Queen, including her Lying-in-State and State Funeral, there has been an increase in phishing emails and other scams. Threat actors have been capitalising on the death of Queen Elizabeth II to lure targets into clicking on phishing links that request Microsoft credentials. 

Experts at Proofpoint posted a screenshot that revealed the phishing emails appear as though they are being sent from the tech giant itself. The headline claims to pay tribute to the late Queen Elizabeth with an interactive AI memory board.

Proofpoint identified a credential phishing campaign using lures related to Her Majesty Queen Elizabeth II. Messages purported to be from Microsoft and invited recipients to an “artificial technology hub” in her honor. With the headline “In Memory of Her Majesty Queen Elizabeth II,” it claimed that Microsoft is launching an “interactive AI memory board” in her honor and needs “the assistance of our users” to make it work.

To take part in the ‘Elizabeth II Memory Board’ the recipient is urged to click on a button embedded in the email, which will take them to a page prompting them to enter their email credentials. It also features a capability to bypass multi-factor authentication (MFA), Proofpoint warned.

“EvilProxy is a #MITM [man-in-the-middle] phishing framework that uses a reverse proxy to customize landing pages for each recipient and collect credentials and bypass #MFA protection,” Proofpoint said of the infrastructure used to deploy the campaign. “The kit is relatively new and is available for sale on exploit forums.”

However, to take part in the fraudulent memory board, users must click the link embedded in the email. This link takes users to a phished site that prompts users to enter their Microsoft credentials. The site also features a capability to bypass multi-factor authentication, according to Proofpoint.

Major news stories are typically capitalised by threat actors to lure victims into falling for phishing schemes. In this case, instead of inducing urgency, the phishers are capitalizing on grief, concern, and sadness brought on by the Queen’s death.

These themes could continue to pop up in various phishing campaigns and cyber security risks as threat actors continue to find new ways to lure victims.

The phishing campaign was spotted a day after the UK's National Cyber Security Centre (NCSC) warned there might be an increase in phishing emails and other scams related to the queen during national mourning and the UK’s National Cyber Security Centre warned users to expect a surge in phishing attempts related to the Queen’s death.

Proopoint:     NCSC:     Oodaloopp:     Threat Insight:      VPN Review:     Microsoft

You Might Also Read: 

Microsoft Warning - Windows Flaw Being Attacked:

 

« Vulnerabilities In Airline WiFi Devices Expose Passenger Data
Google Loses Its Appeal & Must Pay €4.1Billion EU Penalty »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

mnemonic

mnemonic

mnemonic helps businesses manage their security risks, protect their data and defend against cyber threats.

tietoEVRY

tietoEVRY

TietoEVRY creates digital advantage for businesses and society. We are a leading digital services and software company with local presence and global capabilities.

Norwegian Business & Industry Security Council (NSR)

Norwegian Business & Industry Security Council (NSR)

NSR is a member organization serving the Norwegian business sector in an advisory capacity on matters relating to crime and security including cyber.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

National Accreditation Authority Hungary (NAH)

National Accreditation Authority Hungary (NAH)

NAH is the national accreditation body for Hungary. The directory of members provides details of organisations offering certification services for ISO 27001.

Wipe-Global

Wipe-Global

Wipe-Global is specialized in data erasure with an international established service partner network.

FutureCon Events

FutureCon Events

FutureCon produces cutting edge events aimed for Senior Level Professionals working in the security community, bringing together the best minds in the industry for a unique cybersecurity event.

StartupXseed Ventures

StartupXseed Ventures

StartupXseed Ventures is a smart capital provider for Deep Tech, B2B, Early Stage Startups. We support, NextGen Tech Entrepreneurs, who have potential to deliver the outsized growth.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

Cigent Technology

Cigent Technology

Cigent keeps the most valuable asset in your organization safe—your data. Our advanced endpoint and managed network security solutions prevent ransomware and data theft.

LiveAction

LiveAction

LiveAction provides end-to-end visibility of network and application performance from a single pane of glass.

Feroot Security

Feroot Security

Feroot Security secures client-side web applications so that businesses can deliver a flawless user experience to their customers. Our products help organizations protect their client-side surface.

Artjoker

Artjoker

Artjoker is a full cycle software development partner specialized in Blockchain projects and smart contract development including full cycle information security of all projects.

Stacklok

Stacklok

Stacklok are an Open Source first security company enabling safe Open Source Software consumption.

Indevtech

Indevtech

Indevtech has been serving Hawaii since 2001, providing end-to-end managed IT services to small- and medium-businesses.

AuditBoard

AuditBoard

AuditBoard is the leading cloud-based platform transforming audit, risk, ESG, and InfoSec management.