Royal Brexit bitcoin phishing hoax hits British mailboxes

Fraudsters deploy an old-school method in an attempt to outfox a tech CEO

Hacker behind a computer against the EU flag to depict Brexit

A new cryptocurrency phishing scam has been circulating in Britons' mailboxes this week with letters purporting to be from the Queen asking for cryptocurrency to maintain the UK's economic stability after Brexit.

The letter was received by Paul Ridden, CEO at Smarttask, a UK tech firm specialising in cloud-based mobile workforce management products and services. The authors of the letter asked for sums of bitcoin between 450,000 and 2,000,000 to be deposited into a supplied wallet address.

The authors claimed "to save and sustain our economy after Brexit, we must pay the European Union 19 billions", and while they have 82% of the funds already, they were appealing to the public for the rest by 19 October.

According to the letter, this isn't the first time Queen Elizabeth II has appealed to the British public in order to save the economy. It's apparently the second time in 30 years she has made such an appeal and she made it to a highly cyber aware 'victim'.

The letter sent to Paul Ridden

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"When it Arrived it made me chuckle as [phishing attempts] don't usually come on paper," said Ridden to IT Pro. "What made me chuckle about was how poor the English was... it's another attempt but it's a poor attempt.

"I think it's an attempt to be different. In a corporate world, one of the things we're always trying to protect against is these social engineering attacks and I guess coming in on paper, it's perhaps trying to come through a door that's not protected.

"So, I wouldn't generally expect that to come that way. As a tech firm ourselves, we're reasonably aware of what's going on and very protective of the company's finances. So, nobody's going to be sending any Bitcoin off to them."

Before listing the bitcoin wallet address the hoax authors asked to remain anonymous as by going viral, it "could affect the agreements we have in order to obtain the bilateral agreement".

Ironically, the letter did end up going semi-viral on LinkedIn thanks to Ridden's post which garnered thousands of interactions in just a few days.

Advertisement - Article continues below

When asked, Ridden said he wasn't aware of any other recipient to have received the same letter, but questioned "does anyone really fall for this", in the original social media post.

"As a technology firm data security is really important to us, so things like this, whilst we've extracted human this exercise, it's a lesson for us all to be vigilant, whether that's pieces of paper turning up on our desks or people phoning in and pretending to be other people. So, I think in this connected world we live in, that security is really high on our agenda."

Related Resource

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

IT Pro contacted the press office at Buckingham Palace but it declined to comment.

Modern phishing attacks tend to exploit absent cyber awareness, typically taking form as an email due to the ease with which they can be sent to many recipients.

The industry has seen phishing attacks become much more sophisticated in recent years and they target different demographics, from TV license holders to C-suite executives. Google has even released its own online cyber awareness course for young people which gamifies education on how to spot a phishing attempt online.

Advertisement
Advertisement - Article continues below

"This is an interesting spin on a phishing attempt coming in via post," said Javvad Malik, security awareness advocate at KnowBe4 to IT Pro. "From an awareness perspective, this scam bears all the same features of an email phish. There are some grammatical errors and inconsistencies in how a real letter from the Queen would read. Beyond that, the mail tries to instil a sense of urgency as well as promising high rewards.

Advertisement - Article continues below

"People should be aware that scammers will use any means at their disposal in an attempt to swindle money. Particularly where there is a major event such as a natural disaster, sporting event, or a political event like Brexit, they will jump on the bandwagon to try and exploit it as much as possible."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/hardware/354584/windows-10-and-the-tools-for-agile-working
Sponsored

Windows 10 and the tools for agile working

20 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020