The loss of Queen Elizabeth II was mourned throughout the world, but hackers used it as a chance to steal Microsoft credentials in phishing attacks.
Aside from the Microsoft account details being targeted, the attackers attempted to steal their victims’ multi-factor authentication (MFA) tokens in order to get access easily.
The “Messages purported to be from Microsoft and invited recipients to an ‘artificial technology hub’ in her honor,” . Attackers impersonate “the Microsoft team” and try to bait the victims into adding their memo onto an online memory board “in memory of Her Majesty Queen Elizabeth II.”
Victims were sent to a phishing landing page after clicking the button, where they were requested to log in to their Microsoft accounts.
The National Cyber Security Centre of the United Kingdom issued a warning to users regarding the aforementioned Phishing email, stating that:
“While the NCSC – which is a part of GCHQ – has not yet seen extensive evidence of this, as ever you should be aware it is a possibility and be attentive to emails, text messages, and other communications concerning the death of Her Majesty the Queen and arrangements for her funeral,”