Hackers attack domain registrar Namecheap; Flood of DHL and Metamask phishing emails follow –

On Sunday, February 12, 2023, domain registrar Namecheap’s email account was compromised by hackers. Subsequently, a large number of people received phishing emails claiming to be from Metamask and DHL. These emails come from the Sendgrid email platform, a service used by Namecheap for marketing correspondence.

Namecheap confirms email account compromise and disables Sendgrid services

Multiple reports indicate that Namecheap was breached on Sunday and hackers used the company’s email account through the Sendgrid service. Namecheap CEO Richard Kirkendall confirmed the compromise and said the company had disabled Sendgrid services. “To be clear, the problem was with a third party that we use to send our newsletter,” Kirkendall tweeted. “None of our own systems or customer accounts were breached. I’ve sent a follow-up email to all affected users. The domains linked in the original phishing emails have also been deactivated.”

According to users examining the emails sent, the links led to a phishing campaign that attempted to steal the user’s private information. For example, the metamask email led to a fake website that attempted to trick the user into entering their mnemonic recovery phrase. metamask too tweeted over the Namecheap emails and instructed recipients to ignore the messages. “Metamask does not collect any KYC information and will never email you about your account,” the company tweeted. The Wallet-Company Web3 added:

NEVER enter your recovery secret phrase on any website. If you received an email today from Metamask or Namecheap or anyone else like this, ignore it and don’t click on the links!

Phishing attacks have been common in recent years, and hackers have used various methods to access people’s private information. According to reports, the DHL phishing email aims to provide the user with an invoice in order to trick them into entering payment information in order to solve the fake issue. Once a user provides information like their recovery mnemonic phrase or other financial information, hackers can withdraw the funds from the account.

According to Beehive Cybersecurity, Namecheap team members took immediate action to resolve the issue. “We would like to vouch for the fact that when we informed ourselves about this, Namecheap acted immediately and took it seriously,” beehive Cybersecurity tweeted. “This is the A game of what we like to see from registrars.”

What steps could you take to protect yourself from phishing attacks like this one? Share your thoughts and strategies in the comments below.

Jamie Redman

Jamie Redman is the news director at Bitcoin.com News and a Florida-based financial technology journalist. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for bitcoin, open source code and decentralized applications. Since September 2015, Redman has written more than 6,000 articles for Bitcoin.com News about today’s emerging disruptive protocols.

photo credit: Shutterstock, Pixabay, WikiCommons