top of page

Membership is FREE so join today to receive your welcome pack and access to all of our cyber security advice and resources.

Want to improve your cyber resilience?

Warning: Protect Yourself from the New "Grief Harvesting" Scam

Attacker conducting social engineering research

At the South West Cyber Resilience Centre (SWCRC), we strive to keep our community informed about the latest cybersecurity threats. Today, we want to highlight a chilling new trend: "grief harvesting" scams. These scams target the recently bereaved, exploiting their vulnerability to steal personal data. Here's what you need to know and how to protect yourself.

What is Grief Harvesting?

Grief harvesting involves scammers gathering information from social media accounts and sending convincing phishing emails, often pretending to be funeral homes or fake charities. This tactic takes advantage of the legal grey area surrounding the General Data Protection Regulation (GDPR) after a person passes away.

How Scammers Operate

Scammers scour social media obituaries and public profiles for information about the deceased, then use this data to personalise their scams. They might steal identities to rack up debts or access financial accounts, pose as bogus charities to solicit donations, or even emotionally manipulate the bereaved by impersonating the deceased.

Signs of a Grief Harvesting Scam

  1. Identity Theft: Scammers use gleaned personal details to steal identities and open new loans or credit cards in the deceased's name.

  2. Bogus Charities: Fake charities reach out to grieving families, often with names similar to real ones, asking for donations.

  3. Emotional Manipulation: Scammers might pose as psychics offering messages from beyond or even impersonate the deceased, requesting money or personal information.

How to Protect Yourself

  1. Keep Social Media Accounts Private: Ensure your social media profiles are private and think twice before sharing personal details, such as your full date of birth, address, and contact details.

  2. Deactivate and Delete Old Profiles: Regularly audit your digital footprint and delete any outdated profiles that may still hold personal information.

  3. Password Protect Your Devices: Use complex passwords with a mix of words, symbols, numbers, and capitals. Tools like password managers can help.

  4. Install and Update Anti-Virus Software: Keep your devices protected with the latest security software updates.

  5. Be Cautious on Public Wi-Fi: Avoid accessing sensitive apps, like mobile banking, on public Wi-Fi networks.

  6. Manage Your Offline Information: Always redirect your post when you move and secure your letterbox.

Additional Tips from SWCRC

  1. Protect Your Personal Information: Share minimal personal details online and be cautious with what you include in obituaries.

  2. Communicate with Loved Ones: Discuss your digital legacy with family members and appoint someone to manage your online accounts after you're gone.

  3. Be Cautious with Unsolicited Contact: Verify any unexpected communication by reaching out directly to the supposed organisation using official contact details.

  4. Be Wary of Emotional Appeals: Scammers exploit grief to pressurise you into immediate actions or donations. Legitimate charities understand the need for time to process a loss.

  5. Report Suspicious Activity: If you suspect a scam, report it to the relevant authorities to help protect others and shut down fraudulent operations.


Grief harvesting scams are a cruel and growing threat. By staying vigilant and taking proactive steps, you can protect yourself and your loved ones during vulnerable times. For more information on cybersecurity and how to stay safe online, follow the South West Cyber Resilience Centre (SWCRC).

Stay safe, The SWCRC Team


bottom of page