Lately I’ve received several phishing type e-mails claiming to come from an encrypted e-mail service and encouraging me to click a link. The one’s I received look something like this:
Subject: You have a new encrypted message from email@example.com
You have received an encrypted message from firstname.lastname@example.org. The sender intended for the message contents to be secured by using the Barracuda Email Encryption Service. You can retrieve the message from the Barracuda Networks Message Center.
The link to this secure message will expire in 24 hours. If you would like to save a copy of the email or attachment, please save from the opened encrypted email. If an attachment is included, you will be given the option to download a copy of the attachment to your computer.
To view your secure message, click here.
Of course the link is a trap and you shouldn’t click it! I highly recommend encrypted e-mail services like Voltage, HushMail, etc. As adoption of these services increases the number of phishing schemes emulating them is surely to increase. Stay on your toes and don’t get caught out by the impostors.
Update November 26, 2012
Over the last weeks I’ve received several additional variants of this scam. One claims to be a secure e-mail from Comerica bank and several others with nearly the same form claim to be from KeyBank. Since I don’t have accounts at either of these banks they are easily seen as fakes. You can expect that in a few months they will have broadened the net to include every major bank so be careful.