Cold-hearted criminals take any opportunity they can, even the most tragic ones, and turn it to their own advantage. And a group of hackers have targeted the death of Queen Elizabeth II to steal innocent victim's sensitive data. These scammers have been running an email-based online scam where the victim gets an email which pretends to be from Microsoft. This email asks people to write their message to the Queen by logging into their Microsoft account. However, clicking on the button to log in takes you to a credential harvesting page which steals your data and any sensitive information present within these accounts. Do not fall for this malicious threat. Know how it is being conducted and how you can protect yourself.
The online scam was first identified by Proofpoint, a security software company. It tweeted, “Researchers from Proofpoint's @threatinsight team have found that threat actors are using the passing of Queen Elizabeth II as bait in #phishing attacks”.
The Threat Insight Twitter offered a detailed explanation of what was happening. According to them, it was a credential phishing campaign over email that pretended to be from Microsoft and invited recipients to an “artificial technology hub” in her honor. The message claimed that Microsoft was “launching an interactive Al memory board in honor of Her Majesty Elizabeth II” and asked the users to write messages for the Queen.
However, once they clicked on the action button on the page, something far sinister would happen. “Messages contained links to a URL redirecting credential harvesting page targeting Microsoft email credentials including MFA collection. The actor used the #EvilProxy phish kit,” explained the tweet from Insight Threat.
The scammers as a result have
Read more on tech.hindustantimes.com