A phishing campaign aimed at harvesting Office 365 account credentials is employing a variety of tricks to fool both email security sistems and recipients: the phishing emails come from a compromised enterprise account, through the secure email system Zix, to make recipients believe that the offered link isn’t malicious.
The phishing email
The phishing emails are sent from a compromised email account belonging to a real estate services provider (Authentic Title, LLC), and ostensibly contain a closing settlement counter offer. To view it, the recipients are asked to follow a link included in the email.
As the emails are sent via Zix, they sport a header and a footer proclaiming that “This message was sent securely using Zix” and “This message was secured by Zix” – which might be enough for some users to decide the email is legitimate and they can safely follo ..
Support the originator by clicking the read the rest link below.
