Namecheap Email Account Breach Leads to MetaMask Phishing Campaign
In a recent turn of events, the domain registrar, Namecheap, had their email account breached on Sunday night, leading to a surge of phishing emails that targeted users’ personal information and cryptocurrency wallets. The phishing emails, which originated from SendGrid, a platform used by Namecheap for sending renewal notices and marketing emails, started around 4:30 PM ET.
The phishing emails impersonated either DHL or MetaMask, with the former claiming to be a bill for a delivery fee and the latter appearing to be a required KYC verification. The MetaMask phishing email prompted users to complete KYC verification to avoid suspension of their wallet and included a marketing link that redirected users to a phishing page.
Beware of phishing emails coming out of @Namecheap’s @SendGrid account. DHL, MetaMask, digitally signed with DKIM. Looks like low level hackers were able to get into their systems. PII looks to be exposed. pic.twitter.com/IuLE8mo2w6
— Kathy Zant (@kathyzant) February 12, 2023
However, MetaMask, a popular Ethereum wallet, has issued a warning to users, stating that they do not collect KYC information and will never email users about their account. The company also warned users never to enter their secret recovery phrase or private key on any website and to immediately delete any such emails received.
⚠️MetaMask does not collect KYC info and will never email you about your account!
Do not enter your Secret Recovery Phrase on a website EVER.
If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it & do not click its links!https://t.co/EP0HGZFOfo pic.twitter.com/4CDtne24OK
— MetaMask 🦊💙 (@MetaMask) February 13, 2023
“We are writing to inform you that in order to continue using our wallet service, it is important to obtain KYC (Know Your Customer) verification. KYC verification helps us to ensure that we are providing our services to legitimate customers. By completing KYC verification, you will be able to securely store, withdraw, and transfer funds without any interruptions. It also helps us to protect you against financial fraud and other security threats. We urge you to complete KYC verification as soon as possible to avoid suspension of your wallet.” MetaMask said.
NameCheap reiterated that its systems were not hacked and no customer information was compromised during the recent event. Within a quick response time of two hours from the initial notification, NameCheap announced that its email services were fully operational and all communications would be from the official NameCheap source.
We would like to assure you that Namecheap’s own systems were not breached and your products, accounts and personal information remain secure.
We will update status post once the issue is solved https://t.co/2xJ362KF0f
— Namecheap.com (@Namecheap) February 13, 2023
The recent Namecheap email account breach has led to a surge of phishing emails targeting users’ personal information and cryptocurrency wallets. If you received any such emails, it is advised to immediately delete them and not to click on any links. Always be cautious and verify the source of any emails before providing any personal information or entering your secret recovery phrase or private key.
- MetaMask Has Warned That Apple Users Are At Risk Of Phishing Attacks
- Sam Bankman-Fried Denied Involvement In The Recent Movement Of Funds From Alameda Research Wallets
- Here’s Why Robert Kiyosaki Is Buying More Bitcoin Right Now