Popular crypto wallet provider MetaMask warned investors against ongoing phishing attempts by scammers attempting to contact users through NameCheap’s third-party upstream system for emails.
On the evening of Feb. 12, web hosting company NameCheap detected the misuse of one of its third-party services for sending some unauthorized emails — which directly targeted MetaMask users. Namecheap described the incident as an “email gateway issue.”
⚠️MetaMask does not collect KYC info and will never email you about your account!
Do not enter your Secret Recovery Phrase on a website EVER.
If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it & do not click its links!https://t.co/EP0HGZFOfo pic.twitter.com/4CDtne24OK
— MetaMask (@MetaMask) February 13, 2023
In the proactive alert, MetaMask reminded its million followers that it does not collect know-your-customer (KYC) information and will never reach out over an email to discuss account details.
The phishing emails sent by the hacker contain a link that opens a fake MetaMask website requesting Secret Recovery Phrase “to keep your wallet secure.”
The wallet provider advised investors to refrain from sharing seed phrases as it hands over complete control of the user’s funds to the hacker.
We would like to assure you that Namecheap’s own systems were not breached and your products, accounts and personal information remain secure.
We will update status post once the issue is solved https://t.co/2xJ362KF0f
— Namecheap.com (@Namecheap) February 13, 2023
NameCheap further confirmed that its services were not breached and that no customer data was leaked in this incident. Within two hours of the initial intimation, NameCheap confirmed that its mail delivery was restored and that all communications henceforth would be from the official source.
However, the main issue related to the mailing of unsolicited emails is still under investigation. Investors are advised to recheck website links, email addresses and points of contact when dealing with communications from MetaMask and NameCheap.
In January, a hacker used Google Ad services to steal nonfungible tokens (NFTs) and cryptocurrencies from investors.
Last night my entire digital livelihood was violated.
Every account connected to me both personally and professionally was hacked and used to hurt others.
Less importantly, I lost a life changing amount of my net worth
— NFT God (@NFT_GOD) January 15, 2023
NFT influencer NFT God lost “a life-changing amount” after accidentally downloading malicious software embedded in a Google advertisement.
The incident happened when the influencer used the Google search engine to download OBS, an open-source video streaming software. However, he clicked the link with a sponsored advertisement instead of the official link, which eventually led to the loss of funds.