- blurtl
- Posts
- MetaMask Issues Warning Following Namecheap Phishing Attack
MetaMask Issues Warning Following Namecheap Phishing Attack
Namecheap, a domain name registrar, has been the target of a large-scale phishing campaign that resulted in the compromise of its email account. The phishing campaign was executed through the email platform used by Namecheap, SendGrid, and was carried out by hackers who gained unauthorized access. The phishing campaign was aimed at stealing cryptocurrency from potentially thousands of Namecheap users.
The phishing emails, which appeared to be from delivery firm DHL or crypto wallet MetaMask, tricked users into clicking a link that directed them to a fake page. The page requested their private key or secret recovery phrase, which the attackers then used to steal funds from the victims' wallets.
Namecheap was quick to respond to the attack and stop the unsolicited emails from being sent to its clients. In a statement, Namecheap said, "We have evidence that the upstream system we use for sending emails is involved in the mailing of unsolicited emails to our clients. It was stopped immediately.”
MetaMask also released a statement warning its users to be cautious of unsolicited emails claiming to be from the team. The statement read, "If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it & do not click its links!"
⚠️MetaMask does not collect KYC info and will never email you about your account!
Do not enter your Secret Recovery Phrase on a website EVER.
If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it & do not click its links!
bleepingcomputer.com/news/security/…— MetaMask 🦊💙 (@MetaMask)
5:37 AM • Feb 13, 2023
Phishing is a serious threat in the digital world and can result in the theft of sensitive information, including the seed phrase of crypto wallets. Phishing campaigns are usually carried out through fake websites or emails that appear to be legitimate and trick victims into entering their sensitive information. The information is then used for fraudulent activities, such as identity theft or unauthorized access to financial accounts.
It is important for all individuals, especially those who hold cryptocurrency, to be aware of phishing attacks and to take the necessary precautions to protect their sensitive information and assets. If you receive an unsolicited email or visit a website that seems suspicious, it is best to ignore it and not click any links.