ProtonMail is sending a warning urging all users of the end-to-end encrypted email service to be on the lookout for phishing scams impersonating ProtonMail.
“Dear ProtonMail user, over the last few days we have noticed an unusually high number of phishing attempts targeting ProtonMail accounts. To help keep your account safe, we want to remind you of a few security tips,” reads the warning.
Users are told to look for the “star” that indicates the email is from the provider, to avoid clicking on links or attachments if the email looks or feels suspicious in any way, and more (full text body in the embedded tweet below, courtesy of Catalin Cimpanu).
ProtonMail just sent out a phishing warning pic.twitter.com/VqKUZehNnF
— Catalin Cimpanu (@campuscodi) May 3, 2018
The company says phishing is the most common attack vector employed by cybercrooks, and urges users to watch out for any suspicious correspondence hitting their inbox.
ProtonMail is an end-to-end encrypted email service founded in 2014 at the CERN research facility. It uses client-side encryption to protect email contents and user data before they are sent to ProtonMail servers, unlike the more common email services out there.
The service uses a combination of public-key cryptography and symmetric encryption protocols to achieve end-to-end encryption, and includes the option to log in with a “two-password mode” that requires a login password and a password for the mailbox. The service is also secured by the industry-standard two-factor-authentication (2FA) protocol.
Since ProtonMail stores decryption keys only in their encrypted form, bad actors can’t retrieve user emails nor reset user mailbox passwords. Thus, the only way (or at least one of the few ways) they can get their hands on a ProtonMail account is through a phishing campaign that tricks users into inputting their credentials.