Abnormal Security removed the blog post after receiving legal notice from Zix. The company stands by the accuracy of its research. The report noted that the attack was sent using the secure email system Zix, which lends an air of credibility to the attack because Zix should ostensibly be verifying that the link isn’t malicious. The attacks were sent from a compromised Office 365 account, not ‘using’ a Zix product. Authentic Title, LLC, LLC who owns the compromised O365 account is not Zix customer.
Source: https://www.helpnetsecurity.com/2021/05/12/phishers-using-zix/