Web hosting company Namecheap becomes the target of an email phishing campaign as its upstream system for emails gets compromised. The attacker impersonated crypto firm DHL and the crypto wallet MetaMask in fake emails sent on Namecheap’s behalf to users.
“We have evidence that the upstream system we use for sending emails is involved in the mailing of unsolicited emails to our clients. It was stopped immediately,” Namecheap tweeted.
Namecheap’s own systems were not breached, and user products, accounts, and personal information remain secure, the firm stated.
Namecheap discovered that some illicit emails were being sent to users of MetaMask and DHL using its third-party service SendGrid.
The hacker’s phishing emails contain a link that launches a fraudulent MetaMask website and asks for a private recovery phrase “to keep your wallet secure.” The phishing email that purported to be from DHL looked like an invoice for delivery fees.
Metamask alerted its users following the event, “MetaMask does not collect KYC info and will never email you about your account! Do not enter your Secret Recovery Phrase on a website EVER.”
Namecheap said that mail delivery had been restored two hours after acknowledging the phishing attempt. The team will continue to investigate the issue with the mailing of unsolicited emails.
Last month, NFT influencer “NFT God” faced a life-changing phishing attack in the form of Google Ads malware, violating his entire digital livelihood. The phishing attack was possible because NFT God set up Ledger as a hot wallet instead of a cold wallet on his new computer.
Subscribe to The Crypto Times for more Updates about Crypto Hacks!!
