Security News > 2023 > February > DHL, MetaMask phishing emails target Namecheap customers

A surge of phishing emails impersonating DHL and MetaMask have started hitting inboxes of Namecheap customers last week, attempting to trick recipients into sharing personal information or sharing their crypto wallet's secret recovery phrase.
The emails look like they were sent by Namecheap, prompting recipients to complain to the company, which then started an investigation and soon after reacted by stopping all the emails.
Namecheap said that their own systems were not breached, and blamed the spam campaing on the upstream third-party system they use for sending emails.
Namecheap uses cloud-based platform SendGrid to deliver its emails.
Twillio is also investigating the matter, but claims that its network hasn't been hacked, so for now everything points to Namecheap's SendGrid account having been compromised.
Namecheap has yet to comment on what type of information was accessible to the attackers via that account, but it's obvious that customer email addresses wereused.
News URL
https://www.helpnetsecurity.com/2023/02/13/dhl-metamask-phishing-namecheap/
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Beware: PayPal "New Address" feature abused to send phishing emails (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Coinbase phishing email tricks users with fake wallet migration (source)
- Why it's time for phishing prevention to move beyond email (source)
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records (source)
- PoisonSeed phishing campaign behind emails with wallet seed phrases (source)