Cyber criminals are spreading a bogus message about the Queen’s death which is designed to steal victims’ sensitive usernames and passwords. While the nation is still in the mourning following the Queen’s death on September 8, cold-hearted scammers have tried to take advantage of the outpouring of grief shown in the UK by spreading a fake email that is allegedly about a digital tribute to the Queen. The message, which was highlighted by experts at Proofpoint, pretends to come from Microsoft and when opened has a big eye-catching header at the top which says “In memory of Her Majesty”.
The design of the email is reminiscent of the fonts and styles Microsoft use on their official website, which could help trick email users that receive the message.
The email says the Windows makers are launching an “interactive AI memory board” in honour of the Queen, with people told they need to use their Microsoft account to take part in this memorial.
However, it’s merely part of an elaborate con to get people to hand over sensitive details such as their usernames and passwords.
Speaking about the threat, Proofpoint said in a post on Twitter: “Proofpoint identified a credential #phish campaign using lures related to Her Majesty Queen Elizabeth II. Messages purported to be from Microsoft and invited recipients to an ‘artificial technology hub’ in her honor.”
Proofpoint said the messages in the email contains links to a page which is designed to steal user credentials.
If you have already fallen victim to this scam be sure to try to log in to your Microsoft account and change your password as quickly as possible and enable two-factor authentication.
For those that share passwords across accounts, be sure to change the password for any services that share the same login as well.
If you want to keep safe from such scams there are a few telltale signs that you can see in this con which will help you avoid future threats.
Firstly, you can easily avoid an email scam by checking the sender’s details.
In this case, the sender information for the scam email clearly shows it’s a bogus message – with it sent from ‘Microsof’ and the actual email not from a Microsoft domain at all.
Also, the email has a number of typos – which you shouldn’t find in official correspondence from big name companies.
And finally, remember you should never get emails out of the blue from legitimate companies asking for sensitive information.
If you follow all of this guidance and still aren’t sure if an email is genuine or not the easiest thing you can do to be safe is to contact the organisation in question.
Be sure also to head to the organisation in question’s official website to get contact details and not use any contact information found in the potentially bogus scam message you’ve just received.
While this will take a little bit of extra time it will save you a lot more time that would be lost in the long run – not to mention stress – if you did end up falling victim to such a scam.