Hackers are now using the death of Queen Elizabeth II as a phishing lure.

The longest reigning monarch of the UK, Queen Elizabeth II, has recently died. It was a devastating loss for the monarchy of England and for its allies around the world.

Great leaders from different countries sympathize, as do ordinary citizens. However, malicious threat actors saw this as an opportunity to let people fall into a trap of their own making.

It has been detected that the actors are sending out phishing email campaigns to random victims, using their sympathy for the English monarch against them.

Hackers are Using the Death of Queen Elizabeth II

Hackers have been detected using the national morning of the UK to launch phishing attacks and scams.

According to BleepingComputer, malicious threat actors are using the death of Queen Elizabeth II to steal Microsoft credentials and multi-factor authentication (MFA) codes from their victims. 

The hackers are using the current emotional state of the people of England to convert more people to become their phishing victims. The new phishing strategy now involves carefully crafting messages and tactics around the death of the Queen.

Proofpoint, a cybersecurity company, went to Twitter and posted an example of this phishing scam using the name of Queen Elizabeth II to lure victims into clicking the link they provided.

As seen in the tweet, hackers are pretending to be part of the Microsoft team. The hackers are sending out messages in which they claim to be compiling a collection of letters and messages that they have received honoring the Queen.

The recipients of the emails are highly encouraged to post their messages on a virtual memory board that has been created in her honor. The email banner of the phishing scam says, "In memory of Her Majesty Queen Elizabeth II."

As seen in the email page, it is designed in a way that their victims will be tempted to click since they have provided numerous links and buttons available to press anytime.

However, just like how scams and phishing campaigns are structured, if users click on the links, the hackers will be able to take advantage of the device and steal their Microsoft credentials.

Read Also: Apple Releases Patch for CVE-2022-32917 Exploit Affecting iPhones, Macs

Hackers Might Be Limited

Hackers may not be able to use this tactic for long. The National Cyber Security Centre of the UK has been made aware of the reports regarding the phishing attacks using the name of the Queen.

The NCSC then issued a warning to its citizens, saying that cybercriminals often use emotions and use high profile current events to lure victims to get them to click on a malicious link.

NCSC stated, "During this period following the death of Her Majesty the Queen, including her Lying-in-State and State Funeral, there may be an increase in phishing emails and other scams."

In the same way that they do with other significant events, hackers might try to benefit financially from Her Majesty the Queen's passing.

NCSC would like to remind its constituents that they do not require a ticket in order to attend the Lying-in-State, nor are they required to make a payment in order to do so.

The security center of the country also stated that they are aware of these types of reports but have not seen extensive evidence of this just yet.

However, the NCSC still advises its constituents to be vigilant and discerning in their emails, text messages, calls, or any form of communication relating to the death of Queen Elizabeth II and her funeral arrangements.

Related Article: Microsoft's Patch Tuesday September 2022 Release Fixes for 63 Vulnerabilities