If you were under any kind of impression that cybercriminals wouldn’t waste an opportunity to cause trouble, you’re wrong. Threat actors are taking advantage of the grief that the globe is still experiencing after the loss of Queen Elizabeth II by preying on trusting users through phishing.
Kaspersky researchers found various investment schemes that offered users crypto tokens and even NFTs named after the monarch in exchange for "paying tribute to her Majesty," warning of an increase in frauds related to the Queen's demise.
Researchers from Proofpoint's @threatinsight team have found that threat actors are using the passing of Queen Elizabeth II as bait in #phishing attacks. @securityaffairs recaps our findings here: https://t.co/75aA9v0UgP.
— Proofpoint (@proofpoint) September 16, 2022
The researchers also pointed out that recently launched websites allowed visitors to buy commemorative coins and t-shirts while leaving their usernames, addresses, and payment information vulnerable.
The rise of fresh scams in response to the passing of Queen Elizabeth II emphasises the importance of security awareness training for preventing employees from being duped into providing personal information.
UK's National Cyber Security Center Issues A Warning Before The Funeral Of Queen Elizabeth
Just last week, The United Kingdom's National Cyber Security Center (NCSC) issued a warning, cautioning users to pay close attention to emails and SMS messages because just like with any important occasion, criminals were seeking to use the passing of Her Majesty the Queen for their own gain.
As the @NCSC
has recently announced, it’s important we're all aware of potential scams during times of heightened news and national incidents, such as the passing of HM Queen Elizabeth II.This scam may be received via email or text message ????https://t.co/EkRQdG2JIx
— The Cyber Helpline (@HelplineCyber) September 15, 2022
By tricking people into creating an "AI memory board" in the Queen's honour, a wave of fraudulent communications targeting Microsoft login credentials appeared on September 12 of the same week, according to Bitdefender. When the user clicked the link, a false Microsoft landing page would load in order to capture their login information.
It's crucial to remember that these scams appear whenever there has been a disaster. One of the most notable instances of this occurred at the height of the COVID-19 outbreak when phishing incidents rose by 220%.
These most recent frauds that Kaspersky and Bitdefender have found aim to take advantage of consumers' kindness
Phishing Causing Harm To Businesses As Well
What are the 3 biggest threats that businesses face from cyber criminals online?
➡️ Phishing, Ransomware and Impersonation
Is your business prepared and aware of the these threats?
If you answered No - let's start today: https://t.co/9oiG2XF9Ji pic.twitter.com/iRcRzl4qLq— North West Cyber Resilience Centre (@northwestcrc) September 20, 2022
While many of these frauds target consumers, they also pose significant hazards to businesses.
For instance, if an employee uses a personal account to try to make a purchase on a phishing website, they may provide information and login information that the attacker can use to access their company's internal systems.
The risks of these scams cannot be ignored given that it only takes one login credential to trigger a catastrophic breach.
Recently, an Uber data breach had an 18-year-old hacker pretending to be IT support staff, in order to trick an employee into sharing their login information. The hacker then gained access to the company's Slack and internal systems.
Check out the 5 Key Steps to Defend From Harmful Phishing Attacks
