Threat actors are capitalizing on the death of Queen Elizabeth II to lure targets into clicking on phishing links that request Microsoft credentials. Experts at Proofpoint posted a screenshot yesterday that revealed the phishing emails appear as though they are being sent from the tech giant itself. The headline claims to be memorializing the late Queen Elizabeth with an interactive AI memory board. However, to take part in the fraudulent memory board, users must click the link embedded in the email. This link takes users to a phished site that prompts users to enter their Microsoft credentials. The site also features a capability to bypass multi-factor authentication, according to Proofpoint.

Major news stories are typically capitalized by threat actors to lure victims into falling for phishing schemes. In this case, instead of inducing urgency, the phishers are capitalizing on grief, concern, and sadness brought on by the Queen’s death. These themes could continue to pop up in various phishing campaigns and cybersecurity risks as threat actors continue to find new ways to lure victims.

Read More: User Alert as Phishing Campaigns Exploit Queen’s Passing