Cybercriminals were quick to exploit the passing of Britain's longest-reigning monarch, Queen Elizabeth II.
On Sept. 12, just four days after the death of Her Majesty the Queen, Bitdefender telemetry picked up a wave of fraudulent messages aimed at stealing Microsoft credentials under the guise of an “AI memory board” in her honor.
Upon accessing the embedded link, users were directed to a fake Microsoft landing page that would harvest Microsoft credentials from unwary users.
Subject lines vary and include:
Although the campaign had a global outreach, spammers had a clear focus, with phishing emails targeting the US, UK, Ireland, Germany, Sweden and South Korea.
According to the latest analysis from Bitdefender Labs, the phishing campaign was short-lived, with traffic to fraudulent webpages disappearing within two days of detection. Phishing campaigns are often cut short to try to evade antispam filters, and although the webpages are no longer active, cyberthieves could experiment with similar ruses to deceive recipients.
The UK’s National Cyber Security Centre has also warned about potential scams and phishing attacks during the national period of mourning.
The agency advises users to remain cautious and scrutinize unsolicited emails, text messages, and other communications regarding funeral arrangements and participation at Her Majesty The Queen’s Lying-in-State at the Palace of Westminster.