How to distinguish emails between real zix message center and phishing?
This morning I got a call from a user in a remote office who has received an email that purports to contain a "zix secure email" message. It directs him to this page http://zixmessagecenter.com/s/e which has a place for him to enter his google mail account and password in order to decrypt the email.I was surprised.
So i decided to do some research (here, among other places) and it seems that zix is a legit company providing secure email, but I have no way to distinguish between what are their real sites and what is phishing. And "zixmessagecenter.com" certainly isn't "zixcorp.com" so I'm not sure that this is really their website or some rogue domain that has the artwork of some legit zix pages downloaded and put into their page.
Also, some offhand remarks and links to some stuff from 2014 suggest that at some point google was integrating zix into google mail, so should he have simply seen a legit zix message in cleartext in his google mail?
So how do I tell if this is zix message center or phishing?
This happens because as others described, the Mail/Web shield needs to be able to scan your web traffic before it is saved on your system / does any harm. Scanning encrypted SSL/TLS sockets require that Avast can decrypt the connection. There is no other way for Avast to decrypt the connection than to generate its own certificate with a known derived decryption key, then signing them with a custom Root Certificate from Avast installed on your system. This completely compromises internet privacy. (1) Man-In-The-Middle attacks by any person exchanging the website's keys to their own so that they may tap in on your connection will go unnoticed by your browser. (2) Unsecure website certificates (maliciously exchanged, cracked, or shared with third parties) will be accepted by your browser, and the whole concept of secure, encrypted, and authenticated connections is ignored.
There is a checkbox in “preferences” in Avast that says “scan secured connections”.If you value your internet privacy, I would advise you to turn it off.
Zix Message Center vs ZixPort As part of the Best Method Of Delivery, some messages will be delivered into a web portal to be decrypted and securely transmitted to the recipient over SSL. You have a couple of options.
Everyone gets the Zix Message Center, a standardized interface that provides highly secure SSL security all the way to the recipient's PC. You can see that interface here: ZixMessageCenter
Additionally, you can upgrade to the ZixPort interface which gives you more control over the look and feel of the interface. You can fully brand it, change the contact information, and also include it in a link on your website so your clients can initiate secure communication to you and other users at your organization right from your website. You can see our ZixPort here: ZixPort As always, if you have questions about the differences or if there's anything else we can do to help, don't hesitate to call, email, or chat with us 24/7/365.
Answer (1)
Distinguishing between legitimate Zix Message Center emails and phishing attempts involves several key indicators:
Sender Address Verification: Check the sender's email address closely. Legitimate Zix Message Center emails typically come from recognized domains associated with Zix Corporation or the organization utilizing Zix services.
Content Authenticity: Legitimate Zix Message Center emails should contain accurate and relevant information related to secure message delivery or encryption services. Be cautious of emails containing suspicious links, attachments, or requests for personal information.
Email Formatting and Branding: Pay attention to the email's design and branding elements. Legitimate Zix Message Center emails usually maintain consistent branding, including logos and formatting, while phishing attempts may lack these elements or appear poorly crafted.
Urgency and Requests for Action: Be wary of emails that create a sense of urgency or request immediate action, such as clicking on links or providing sensitive information. Legitimate Zix Message Center communications typically focus on secure message delivery and encryption, rather than urgent requests.
Security Indicators: Look for security indicators such as encryption certificates or secure connections (e.g., HTTPS) when accessing links provided in the email. Legitimate Zix Message Center emails often include encryption features to ensure secure message delivery.
Verification Processes: If in doubt, verify the legitimacy of the email through alternative means, such as contacting the sender directly through a known, trusted communication channel or contacting Zix Corporation's customer support.
By being vigilant and assessing these factors, you can better distinguish between genuine Zix Message Center emails and potential phishing attempts.