Early Sunday morning, February 12, 2023, hackers invaded the e mail account of a popular domain registrar. Following this, a lot of people were phished with emails claiming to be from Metamask and DHL. These emails were sent out using the Sendgrid platform, a service utilized by Namecheap for promotional messages.
Namecheap Confirms Breach of an Email Account and Disables Sendgrid Services
Multiple reports show that Namecheap was hacked on Sunday and the hackers used the company’s email account to their advantage by using the Sendgrid service. Namecheap CEO Richard Kirkendall confirmed that the breach had taken place and stated that the company had disabled Sendgrid services. “To be clear, the issue was with a third-party provider we use to send out our newsletter,” Kirkendall tweeted. “None of our own systems and customer accounts were breached. I sent a follow-up email to all affected customers. The domains that were linked to the original phishing emails were also disabled.”
According to customers who examined the emails, they found out that the links led to a phishing campaign meant to steal customer data. For instance, one of the Metamask emails sent to a fake website, which tried to get the customer to enter their recovery phrase. Metamask also tweeted about the Namecheap email and advised recipients to ignore the messages. “Metamask does not collect KYC information and will never email you about your account,” the company’s Twitter account said. Web3 Wallet Agency added:
Never enter your Recovery Passphrase on a website. If you receive an email from Metamask or Namecheap, you can ignore this message and don’t click on the links.
Phishing attacks have been on the rise lately and hackers employ a variety of tactics to gain people’s personal information. The DHL phishing email reportedly provided the customer with a bill to input payment information to solve the fake issue. If a customer provides data that is similar to their mnemonic recovery phrase or other financial information, hackers can easily take money from their account.
According to Beehive Cybersecurity, members of the Namecheap team moved quickly to fix the problem. “We would like to assure that when we notified Namecheap of this ourselves, they acted quickly and took it seriously,” Beehive Cybersecurity tweeted. “This is the kind of response we like to see from registrars.”
What measures can you take to protect yourself from phishing attacks like these? Please share your thoughts and strategies in the comment section.
