Scammers use Queen Elizabeth’s death to STEAL passwords; Don’t fall for this online scam

A new heinous online scam steals sensitive data like passwords from users by pretending to be from Microsoft and asking them to write a tribute in memory of Queen Elizabeth II. Know how to avoid it.

| Updated on: Sep 20 2022, 15:56 IST
Ukraine war sparks horrific online donation scams! Don't do this, you will lose
image caption
1/7 From dodgy websites, fake social media accounts to dubious emails and texts - these online scammers are using all tactics to steal money from bank accounts of donors who want to give money to refugees in Ukraine. (AFP)
image caption
2/7 The Ukrainian Red Cross has identified several fake pages on Instagram, cloning those of the real NGOs and charity organisations. (Pixabay)
image caption
3/7 The experts of the UK's National Cyber Security Centre (NCSC) have alerted the donors to be more cautious while donating money to any individual or organisations. (AFP)
Queen Elizabeth II funeral
4/7 Donors have to be more vigilant while making their donations directly from their debit cards, which are directly linked to bank accounts. This is a vulnerable payment method that can empty the donor's bank account. Credit card is a better option. (Unsplash)
image caption
5/7 Beware of any mail which seems to be suspicious. Verify its authenticity. If you have any doubt then you should immediately report to NCSC or forward it to (Pixabay)
image caption
6/7 If you find any dubious text messages on social media accounts asking for money for Ukrainians then ignore or delete them. (Pixabay)
image caption
7/7 Before making a donation, verify the background of the charity in as many ways as you can. Also, try and pick charities that are reputable. However, under no circumstance should you let online scams stop you from donating. The refugees need help and the same can be done in a safe manner by being just that extra bit careful. (AFP)
Queen Elizabeth II funeral
View all Images
Don’t fall for this scary online scam where scammers are using the name of Microsoft and Queen Elizabeth II to steal your private information like passwords and account details. (AFP)

Cold-hearted criminals take any opportunity they can, even the most tragic ones, and turn it to their own advantage. And a group of hackers have targeted the death of Queen Elizabeth II to steal innocent victim's sensitive data. These scammers have been running an email-based online scam where the victim gets an email which pretends to be from Microsoft. This email asks people to write their message to the Queen by logging into their Microsoft account. However, clicking on the button to log in takes you to a credential harvesting page which steals your data and any sensitive information present within these accounts. Do not fall for this malicious threat. Know how it is being conducted and how you can protect yourself.

Scammers use the death of Queen Elizabeth II to pull of an online scam

The online scam was first identified by Proofpoint, a security software company. It tweeted, “Researchers from Proofpoint's @threatinsight team have found that threat actors are using the passing of Queen Elizabeth II as bait in #phishing attacks”.

The Threat Insight Twitter offered a detailed explanation of what was happening. According to them, it was a credential phishing campaign over email that pretended to be from Microsoft and invited recipients to an “artificial technology hub” in her honor. The message claimed that Microsoft was “launching an interactive Al memory board in honor of Her Majesty Elizabeth II” and asked the users to write messages for the Queen.

However, once they clicked on the action button on the page, something far sinister would happen. “Messages contained links to a URL redirecting credential harvesting page targeting Microsoft email credentials including MFA collection. The actor used the #EvilProxy phish kit,” explained the tweet from Insight Threat.

The scammers as a result have obtained thousands of account details and passwords and as a result they also have access to both personal and financial information that may contain within that Microsoft account. Further, if the same password has been used by the user for other accounts, they might get compromised as well.

But if you want to protect yourself from such online scams, you need to follow the following rules.

How to protect yourself from online scams

  1. Always check the sender of the email. Most often there will be a spelling error in the name as the scammers cannot copy the official domain of the large organization like Microsoft.
  2. Usually fake emails also contain typos, grammatical errors and such which are a clear giveaway that it has not come from an authentic source.
  3. If you have fallen for a similar scam, immediately change the password of the account. Also, change password for any account where you have used the same password.
  4. Companies do not send out emails asking for sensitive information for people, so always be suspicious of such emails.
  5. If you suspect foul play, never hesitate to reach out to the real company and inquire about the correspondence.

Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 20 Sep, 15:54 IST
keep up with tech