Published on: November 30, 2019
Here’s an old trick with a new twist. We’ve talked about how cybercriminals are abusing encrypted email communications. They’ve been adding headers and footers that include "encrypted email" to try and convince you that the message is trustworthy. Most of them include a (malicious) link within the instructions.
Recently, for the first time, we saw a hacker convert a blue banner familiar to Zix users to a URL link that pointed to the malicious website. Anywhere you clicked on that banner landed you on the phishing website.
Remember, a Zix or any other encrypted email banner is observational and never actionable. Additionally, if you’re a Zix customer, any inbound email encrypted by Zix will be transparent. You’ll never see any link to retrieve the original message.