Security News > 2022 > September > Death of Queen Elizabeth II exploited to steal Microsoft credentials
Threat actors are exploiting the death of Queen Elizabeth II in phishing attacks to lure their targets to malicious sites designed to steal their Microsoft account credentials.
Besides Microsoft account details, the attackers also attempt to steal their victims' multi-factor authentication codes to take over their accounts.
In the campaign spotted by Proofpoint, the phishing actors impersonate "The Microsoft team" and try to bait the recipients into adding their memo onto an online memory board "In memory of Her Majesty Queen Elizabeth II.".
After clicking a button embedded within the phishing email, the targets are instead sent to a phishing landing page where they're asked first to enter their Microsoft credentials.
"Messages contained links to a URL redirecting credential harvesting page targeting Microsoft email credentials including MFA collection," Proofpoint added.
The attackers use a new reverse-proxy Phishing-as-a-Service platform known as EvilProxy promoted on clearnet and dark web hacking forums, which allows low-skill threat actors to steal authentication tokens to bypass MFA. United Kingdom's National Cyber Security Centre warned on Tuesday about an increased risk of cybercriminals exploiting the Queen's death for their own gain in phishing campaigns and other scams.