ProtonMail warns all users to beware of phishing scam
ProtonMail is sending a warning urging all users of the end-to-end encrypted email service to be on the lookout for phishing scams impersonating ProtonMail.
“Dear ProtonMail user, over the last few days we have noticed an unusually high number of phishing attempts targeting ProtonMail accounts. To help keep your account safe, we want to remind you of a few security tips,” reads the warning.
Users are told to look for the “star” that indicates the email is from the provider, to avoid clicking on links or attachments if the email looks or feels suspicious in any way, and more (full text body in the embedded tweet below, courtesy of Catalin Cimpanu).
The company says phishing is the most common attack vector employed by cybercrooks, and urges users to watch out for any suspicious correspondence hitting their inbox.
ProtonMail just sent out a phishing warning pic.twitter.com/VqKUZehNnF
â€” Catalin Cimpanu (@campuscodi) May 3, 2018
ProtonMail is an end-to-end encrypted email service founded in 2014 at the CERN research facility. It uses client-side encryption to protect email contents and user data before they are sent to ProtonMail servers, unlike the more common email services out there.
The service uses a combination of public-key cryptography and symmetric encryption protocols to achieve end-to-end encryption, and includes the option to log in with a “two-password mode” that requires a login password and a password for the mailbox. The service is also secured by the industry-standard two-factor-authentication (2FA) protocol.
Since ProtonMail stores decryption keys only in their encrypted form, bad actors can”t retrieve user emails nor reset user mailbox passwords. Thus, the only way (or at least one of the few ways) they can get their hands on a ProtonMail account is through a phishing campaign that tricks users into inputting their credentials.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021