Researchers from Proofpoint are warning of threat actors that are using the death of Queen Elizabeth II as bait in phishing attacks. The attackers aim at tricking recipients into visiting sites designed to steal their Microsoft account credentials and MFA codes.
The messages sent to the victims purported to be from Microsoft and invited recipients to an “artificial technology hub” in Queen Elizabeth II honor.
The content of the message informs the recipients that Microsoft is launching an interactive AI memory board in honor of Her Majesty Queen Elizabeth II and invites them to contribute to its creation by accessing it using their Microsoft account credentials
Upon clicking the button embedded within the email, the recipients are redirected to the phishing landing page where they’re asked to enter their Microsoft credentials.
The phishing page (hxxps://auth[.]royalqueenelizabeth[.]com/?) has been created with the recently discovered EvilProxy phishing kit.