Condolence Email Malware
A phishing email disguised as a condolence message or funeral notification, containing a malicious link or attachment designed to install malware or steal credentials.
Also known as: memorial phishing email, funeral notice phishing
Last reviewed: 5 July 2026
This scam sends an email that appears to be a sympathy message, an invitation to an online memorial service, or a notification about funeral arrangements, often referencing a name that could plausibly belong to someone the recipient knows. The email includes a link to 'view the memorial' or 'RSVP to the service' or an attachment labeled as an order of service or photo tribute, which actually delivers malware or leads to a credential-harvesting fake login page.
These campaigns are frequently sent in bulk without any specific target in mind, relying on the statistical likelihood that some recipients will recently have lost someone and find the premise believable, or will simply be curious enough to click. During periods of widely publicized deaths, such as a public figure or a local tragedy, scammers also send mass condolence-themed phishing tied to that specific event, since heightened public interest increases click rates.
Recipients should treat unexpected memorial or condolence emails from unfamiliar senders with the same caution as any other phishing attempt, avoiding links and attachments and instead contacting the supposed sender through a known, separate channel to confirm the message is genuine.