Pierluigi Paganini
Scammers misuse the passing of Pope Francis
April 24, 2025
Exploiting Pope Francis’ decease for fraudulent activities, leveraging public curiosity and emotions to propagate scams and disseminate malware, follows a customary strategy during worldwide occurrences.
Post the demise of Pope Francis, malicious actors initiated fraudulent schemes and cyber assaults, capitalizing on public intrigue, sorrow, and bewilderment.
Unlawful entities are all set to take advantage of any globally significant event, as seen previously during incidents such as Queen Elizabeth II’s demise or the COVID-19 outbreak. Referred to as “cyber threat opportunism” by Check Point Research, there were analogous surges during the COVID-19 period, with Google observing over 18 million daily scam emails related to the virus.
These highly emotional periods present fertile soil for digital exploitation. The emotional fragility of users renders them prime targets for malevolent entities aiming for clicks, personal information, or financial data.
The passing of Pope Francis sheds light on how cybercriminals exploit any incident for their malicious gain. Vigilant security protocols and awareness emerge as crucial defenses against such threats.
Misinformation as an Entryway
One of the most perilous criminal methods associated with these occurrences is misinformation. False news proliferates rapidly on platforms like Facebook, TikTok, and Instagram. Artificial intelligence-generated visuals and videos fuel conspiracy theories, with certain factions asserting Pope Francis’s survival while others sensationalize the circumstances surrounding his passing.
Such posts, designed to capture clicks and shares, frequently embed links that redirect individuals to deceitful websites.
CheckPoint uncovered a scam where a falsified news link led to a spurious Google gift card page, deceiving users into divulging personal details, including payment particulars.
Covert Malware and Data Collection
Certain malevolent sites operate covert scripts that clandestinely accumulate device specifics, operating systems, geolocation, and additional data later auctioned on the dark web or utilized for phishing endeavors.
Threat actors employed malware to pilfer login credentials, financial data, and personal documents. Specialists caution that even apparently innocuous browsing habits can render you susceptible to such hazards if you are not cautious about the websites you frequent.
The SEO Poisoning Snare
Cybercriminals deploy SEO poisoning to elevate malevolent sites in search output rankings for trending terms like “Pope Francis passing,” duping users into visiting harmful pages.
During moments when unsuspecting users search for reliable updates, they might inadvertently hit on these deceitful outcomes. Once ensnared, they become exposed to malware or credential-harvesting ploys that frequently mimic authentic news websites almost identically. This fuels a perilous cycle where trust in online information continuously deteriorates.
The Intractability of Detecting These Campaigns
A fundamental challenge in such assaults lies in cybercriminals resorting to new or inactive domains devoid of malevolent pasts, enabling them to elude conventional threat identification tools.
“Cybercriminals thrive on pandemonium and curiosity. Every major global occurrence triggers an abrupt surge in scams designed to exploit public interest,” remarked Rafa Lopez, Security Engineer at Check Point Software Technologies.
Hence, how can individuals secure themselves during these precarious periods?
- Ensure the currency of your browser and OS
Regularly verify and promptly install patches and updates, which typically rectify vulnerabilities exploited by attackers. - Employ reputable web security utilities
Leverage browser extensions like Check Point Harmony Browse or akin utilities that can authenticate websites in real-time, preventing the loading of hazardous sites. - Approach sensational headlines with skepticism
If a headline appears excessively shocking, it is likely false. Always cross-verify with trustworthy media outlets prior to accepting or distributing information. - Avert clicking on dubious links
Especially those in emails or social media posts purporting to provide “exclusive” content. Directly navigate to official news sources by manually entering the URLs. - Vet dubious links and files
Leverage services such as VirusTotal or Check Point ThreatCloud for scanning files and URLs before opening them. - Invest in a holistic security suite
Select antivirus software encompassing phishing safeguards, threat identification, and automated updates for maximal protection.
During periods of sorrow or global attention, maintain vigilance and caution to prevent curiosity from evolving into a conduit for malevolent entities. Stay prepared and safeguarded.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Pope Francis)
About Author
