Beware of Queen Elizabeth II phishing scams, warns Kaspersky
Couldn't attend Transform 2022? Check out all the summit sessions in our on-demand library now! Look here.
Cybercriminals never like to let a crisis pass. As people around the world still mourn the passing of Queen Elizabeth II, threat actors are seizing the opportunity to exploit the compassion of unsuspecting users.
Today, Kaspersky researchers warned of an increase in scams related to the Queen's death, uncovering several investment projects, offering users crypto tokens and even NFTs bearing the monarch's name, in exchange for "paying homage to Her Majesty".
Researchers also noted that users could purchase commemorative coins and T-shirts on newly created websites, which left consumers' usernames, addresses, and card data unprotected.
The emergence of new scams surrounding the death of Queen Elizabeth II shows that security awareness training is key to ensuring employees can avoid being tricked into divulging personal information.
EventMetaBeat 2022
MetaBeat will bring together thought leaders to advise on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
register hereKaspersky isn't the only organization anticipating a spike in scams surrounding the monarch's death.
Last week, the UK's National Cyber Security Center (NCSC) warned that "as with all major events, criminals may seek to exploit the death of Her Majesty The Queen for their own profit," and warned users to be mindful of emails and text messages.
The same week, Bitdefender noted that on September 12, there was a wave of scam messages aimed at sealing Microsoft login credentials by trying to trick users into creating an "AI memory card", by the honor of the queen. Clicking on the link would take the user to a fake Microsoft landing page to harvest their credentials.
It's important to note that these scams come at any time of tragedy, with one of the most prominent examples of this occurring during the height of the COVID-19 pandemic, where phishing incidents have increased by 220%.
These latest scams uncovered by Kaspersky and Bitdefender seek to exploit the compassion of unsuspecting users.
"When buying from such sites, remember that many of them are not secure and data entered on these pages may leak, so remember to use a robust solution and secure to protect you," Olga said. Svistunova, security expert at Kaspersky. "Also choose to buy only from trusted stores and beware of very low prices on goods - this can be used by cybercriminals as a decoy to obtain your payment information."
While many of these scams are consumer-focused, they also create substantial risks for businesses.
For example, if an employee attempts to purchase goods from a phishing website through a personal account, they could hand over data and login credentials that the attacker could then reuse to breach internal security systems. its organization.
When all it takes is a single login to cause a devastating breach, the dangers of these scams cannot afford to be overlooked.
Nowhere is the danger of phishing and social engineering more clearly illustrated than in the case of Uber's data breach last week, where an 18-year-old hacker impersonated IT support staff to trick an employee into sharing their login credentials to gain access to the organization's Slack and internal systems.
These types of phishing scams won't be the last, which means security teams need to...
Couldn't attend Transform 2022? Check out all the summit sessions in our on-demand library now! Look here.
Cybercriminals never like to let a crisis pass. As people around the world still mourn the passing of Queen Elizabeth II, threat actors are seizing the opportunity to exploit the compassion of unsuspecting users.
Today, Kaspersky researchers warned of an increase in scams related to the Queen's death, uncovering several investment projects, offering users crypto tokens and even NFTs bearing the monarch's name, in exchange for "paying homage to Her Majesty".
Researchers also noted that users could purchase commemorative coins and T-shirts on newly created websites, which left consumers' usernames, addresses, and card data unprotected.
The emergence of new scams surrounding the death of Queen Elizabeth II shows that security awareness training is key to ensuring employees can avoid being tricked into divulging personal information.
EventMetaBeat 2022
MetaBeat will bring together thought leaders to advise on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
register hereKaspersky isn't the only organization anticipating a spike in scams surrounding the monarch's death.
Last week, the UK's National Cyber Security Center (NCSC) warned that "as with all major events, criminals may seek to exploit the death of Her Majesty The Queen for their own profit," and warned users to be mindful of emails and text messages.
The same week, Bitdefender noted that on September 12, there was a wave of scam messages aimed at sealing Microsoft login credentials by trying to trick users into creating an "AI memory card", by the honor of the queen. Clicking on the link would take the user to a fake Microsoft landing page to harvest their credentials.
It's important to note that these scams come at any time of tragedy, with one of the most prominent examples of this occurring during the height of the COVID-19 pandemic, where phishing incidents have increased by 220%.
These latest scams uncovered by Kaspersky and Bitdefender seek to exploit the compassion of unsuspecting users.
"When buying from such sites, remember that many of them are not secure and data entered on these pages may leak, so remember to use a robust solution and secure to protect you," Olga said. Svistunova, security expert at Kaspersky. "Also choose to buy only from trusted stores and beware of very low prices on goods - this can be used by cybercriminals as a decoy to obtain your payment information."
While many of these scams are consumer-focused, they also create substantial risks for businesses.
For example, if an employee attempts to purchase goods from a phishing website through a personal account, they could hand over data and login credentials that the attacker could then reuse to breach internal security systems. its organization.
When all it takes is a single login to cause a devastating breach, the dangers of these scams cannot afford to be overlooked.
Nowhere is the danger of phishing and social engineering more clearly illustrated than in the case of Uber's data breach last week, where an 18-year-old hacker impersonated IT support staff to trick an employee into sharing their login credentials to gain access to the organization's Slack and internal systems.
These types of phishing scams won't be the last, which means security teams need to...
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
