Royal Brexit bitcoin phishing hoax hits British mailboxes

Fraudsters deploy an old-school method in an attempt to outfox a tech CEO

Hacker behind a computer against the EU flag to depict Brexit

A new cryptocurrency phishing scam has been circulating in Britons' mailboxes this week with letters purporting to be from the Queen asking for cryptocurrency to maintain the UK's economic stability after Brexit.

The letter was received by Paul Ridden, CEO at Smarttask, a UK tech firm specialising in cloud-based mobile workforce management products and services. The authors of the letter asked for sums of bitcoin between 450,000 and 2,000,000 to be deposited into a supplied wallet address.

The authors claimed "to save and sustain our economy after Brexit, we must pay the European Union 19 billions", and while they have 82% of the funds already, they were appealing to the public for the rest by 19 October.

According to the letter, this isn't the first time Queen Elizabeth II has appealed to the British public in order to save the economy. It's apparently the second time in 30 years she has made such an appeal and she made it to a highly cyber aware 'victim'.

The letter sent to Paul Ridden

"When it Arrived it made me chuckle as [phishing attempts] don't usually come on paper," said Ridden to IT Pro. "What made me chuckle about was how poor the English was... it's another attempt but it's a poor attempt.

"I think it's an attempt to be different. In a corporate world, one of the things we're always trying to protect against is these social engineering attacks and I guess coming in on paper, it's perhaps trying to come through a door that's not protected.

"So, I wouldn't generally expect that to come that way. As a tech firm ourselves, we're reasonably aware of what's going on and very protective of the company's finances. So, nobody's going to be sending any Bitcoin off to them."

Before listing the bitcoin wallet address the hoax authors asked to remain anonymous as by going viral, it "could affect the agreements we have in order to obtain the bilateral agreement".

Ironically, the letter did end up going semi-viral on LinkedIn thanks to Ridden's post which garnered thousands of interactions in just a few days.

When asked, Ridden said he wasn't aware of any other recipient to have received the same letter, but questioned "does anyone really fall for this", in the original social media post.

"As a technology firm data security is really important to us, so things like this, whilst we've extracted human this exercise, it's a lesson for us all to be vigilant, whether that's pieces of paper turning up on our desks or people phoning in and pretending to be other people. So, I think in this connected world we live in, that security is really high on our agenda."

Related Resource

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

IT Pro contacted the press office at Buckingham Palace but it declined to comment.

Modern phishing attacks tend to exploit absent cyber awareness, typically taking form as an email due to the ease with which they can be sent to many recipients.

The industry has seen phishing attacks become much more sophisticated in recent years and they target different demographics, from TV license holders to C-suite executives. Google has even released its own online cyber awareness course for young people which gamifies education on how to spot a phishing attempt online.

"This is an interesting spin on a phishing attempt coming in via post," said Javvad Malik, security awareness advocate at KnowBe4 to IT Pro. "From an awareness perspective, this scam bears all the same features of an email phish. There are some grammatical errors and inconsistencies in how a real letter from the Queen would read. Beyond that, the mail tries to instil a sense of urgency as well as promising high rewards.

"People should be aware that scammers will use any means at their disposal in an attempt to swindle money. Particularly where there is a major event such as a natural disaster, sporting event, or a political event like Brexit, they will jump on the bandwagon to try and exploit it as much as possible."

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

Ryuk behind a third of all ransomware attacks in 2020
Security

Ryuk behind a third of all ransomware attacks in 2020

29 Oct 2020
REvil hacking group says it has made more than $100m in a year
Security

REvil hacking group says it has made more than $100m in a year

29 Oct 2020
36 billion personal records exposed by hacks in 2020 so far
Security

36 billion personal records exposed by hacks in 2020 so far

29 Oct 2020
Trump website defaced in second successive cyber breach
Security

Trump website defaced in second successive cyber breach

28 Oct 2020

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020