- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
User Alert as Phishing Campaigns Exploit Queen’s Death
Threat actors are using the death of Queen Elizabeth II as a lure to phish for users’ Microsoft credentials, experts have warned.
A screenshot posted by Proofpoint yesterday revealed an email spoofed to appear as if sent from the tech giant.
With the headline “In Memory of Her Majesty Queen Elizabeth II,” it claimed that Microsoft is launching an “interactive AI memory board” in her honor and needs “the assistance of our users” to make it work.
To take part in the ‘Elizabeth II Memory Board’ the recipient is urged to click on a button embedded in the email, which will take them to a page prompting them to enter their email credentials. It also features a capability to bypass multi-factor authentication (MFA), Proofpoint warned.
“EvilProxy is a #MITM [man-in-the-middle] phishing framework that uses a reverse proxy to customize landing pages for each recipient and collect credentials and bypass #MFA protection,” Proofpoint said of the infrastructure used to deploy the campaign. “The kit is relatively new and is available for sale on exploit forums.”
Sherrod DeGrippo, VP of threat research and detection at Proofpoint, explained that major news stories like COVID-19 and the Queen’s death are always exploited by phishing actors.
“Social engineering requires the manipulation of an end target’s emotional state. In this case, the attacker is attempting to elicit a sense of grief, concern or sadness by providing a place to share memories and comments in honor of the Queen,” she continued.
“We expect to see threat actors continue to use themes related to the Queen and the monarchy for some time as the events and mourning period continue.”
Earlier in the week, the UK’s National Cyber Security Centre (NCSC) warned users to expect a surge in phishing attempts related to the Queen’s death.
“While the NCSC – which is a part of GCHQ – has not yet seen extensive evidence of this, as ever you should be aware it is a possibility and be attentive to emails, text messages, and other communications concerning the death of Her Majesty the Queen and arrangements for her funeral,” it said.