Your IT Consultant

Beware – Encrypted Email Used in Phishing Attack

September 28, 2021

There are some really clever people out there in the cyber world. Unfortunately, some use their talents for evil purposes and financial gain. It’s a constant back and forth where we try to stop attacks and the bad guys/gals attempt to get through our defenses. Threatpost reports that a phishing campaign “has targeted close to 75K inboxes, slipping past spam and security controls across Office 365, Google Workspace, Exchange, Cisco ESA and more.” Specifically, the phishing email purports to be a secure message from the Zix encrypted email service.

I can see how an encrypted phishing email can be more successful than an unencrypted message. The receiver doesn’t expect to see much usable information about the message contents since it is encrypted. The tendency is to click on a link or open an attachment to expose some more information about the “secure” message you just received. In this particular attack, the sender is riding on the familiarity of the Zix service and coming from a domain that looks like one associated with the Baptist religion. The messages are not part of a “spray and pray” campaign, but more targeted to individuals to avoid the office chatter about weird emails.

At the end of the day, be particularly suspicious of encrypted emails, especially if you are not expecting them.

Email:   Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com