Royal Brexit bitcoin phishing hoax hits British mailboxes

Fraudsters deploy an old-school method in an attempt to outfox a tech CEO

Hacker behind a computer against the EU flag to depict Brexit

A new cryptocurrency phishing scam has been circulating in Britons' mailboxes this week with letters purporting to be from the Queen asking for cryptocurrency to maintain the UK's economic stability after Brexit.

The letter was received by Paul Ridden, CEO at Smarttask, a UK tech firm specialising in cloud-based mobile workforce management products and services. The authors of the letter asked for sums of bitcoin between 450,000 and 2,000,000 to be deposited into a supplied wallet address.

The authors claimed "to save and sustain our economy after Brexit, we must pay the European Union 19 billions", and while they have 82% of the funds already, they were appealing to the public for the rest by 19 October.

According to the letter, this isn't the first time Queen Elizabeth II has appealed to the British public in order to save the economy. It's apparently the second time in 30 years she has made such an appeal and she made it to a highly cyber aware 'victim'.

The letter sent to Paul Ridden

"When it Arrived it made me chuckle as [phishing attempts] don't usually come on paper," said Ridden to IT Pro. "What made me chuckle about was how poor the English was... it's another attempt but it's a poor attempt.

"I think it's an attempt to be different. In a corporate world, one of the things we're always trying to protect against is these social engineering attacks and I guess coming in on paper, it's perhaps trying to come through a door that's not protected.

"So, I wouldn't generally expect that to come that way. As a tech firm ourselves, we're reasonably aware of what's going on and very protective of the company's finances. So, nobody's going to be sending any Bitcoin off to them."

Before listing the bitcoin wallet address the hoax authors asked to remain anonymous as by going viral, it "could affect the agreements we have in order to obtain the bilateral agreement".

Ironically, the letter did end up going semi-viral on LinkedIn thanks to Ridden's post which garnered thousands of interactions in just a few days.

When asked, Ridden said he wasn't aware of any other recipient to have received the same letter, but questioned "does anyone really fall for this", in the original social media post.

"As a technology firm data security is really important to us, so things like this, whilst we've extracted human this exercise, it's a lesson for us all to be vigilant, whether that's pieces of paper turning up on our desks or people phoning in and pretending to be other people. So, I think in this connected world we live in, that security is really high on our agenda."

Related Resource

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

IT Pro contacted the press office at Buckingham Palace but it declined to comment.

Modern phishing attacks tend to exploit absent cyber awareness, typically taking form as an email due to the ease with which they can be sent to many recipients.

The industry has seen phishing attacks become much more sophisticated in recent years and they target different demographics, from TV license holders to C-suite executives. Google has even released its own online cyber awareness course for young people which gamifies education on how to spot a phishing attempt online.

"This is an interesting spin on a phishing attempt coming in via post," said Javvad Malik, security awareness advocate at KnowBe4 to IT Pro. "From an awareness perspective, this scam bears all the same features of an email phish. There are some grammatical errors and inconsistencies in how a real letter from the Queen would read. Beyond that, the mail tries to instil a sense of urgency as well as promising high rewards.

"People should be aware that scammers will use any means at their disposal in an attempt to swindle money. Particularly where there is a major event such as a natural disaster, sporting event, or a political event like Brexit, they will jump on the bandwagon to try and exploit it as much as possible."

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

16 Apr 2021
US, UK say Russia was behind SolarWinds hack
cyber attacks

US, UK say Russia was behind SolarWinds hack

16 Apr 2021
1Password targets enterprise customers with Secrets Automation
IT infrastructure

1Password targets enterprise customers with Secrets Automation

14 Apr 2021
PowerShell threats increased over 200% last year
cyber security

PowerShell threats increased over 200% last year

14 Apr 2021

Most Popular

University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021