Pages:
Author

Topic: Phishing email from Namecheap (Read 196 times)

hero member
Activity: 1596
Merit: 785
Bitcoin To The Moon 📈📈📈
February 15, 2023, 03:20:54 PM
#21
Usually, phishing emails comes from a fake address, but in this case, this email came from the original email which may have caused people to believe in it. Not everyone will go on the internet and search if MetaMask requires KYC or not.
Likewise, I often see messages from fake emails with many variations, but this time it was indeed a stir from the namecheap support email that made big news, but at least by getting into the news in several big articles one can see that it was not all from metamask or Namecheap for denying it.
Email spoofing as attack for phishing is common and easy to manipulate, so people should always be cautious of any kind of emails legit or looks like legit that ask payments for any transaction that you never did.
As namecheap uses third party api for their emails, this will probably look like the ledger incident where millions of emails and personal data where get accessed.
We have to check in more detail if suddenly an official email comes asking for a bill of payment or other private keys because I have experienced where there has been an incoming legitimate email with a bill printed even though I have never done anything after I checked more deeply about the suspicions so I ignored and after that they don't come again, so all forms that we suspect must be thoroughly examined whether it's true that we did it or there was email abuse on their part.

Namecheap's case is true it is their negligence that in the end, they will no longer believe.
hero member
Activity: 1330
Merit: 736
Top Crypto Casino
February 15, 2023, 12:12:58 PM
#20
Usually, phishing emails comes from a fake address, but in this case, this email came from the original email which may have caused people to believe in it. Not everyone will go on the internet and search if MetaMask requires KYC or not.
Likewise, I often see messages from fake emails with many variations, but this time it was indeed a stir from the namecheap support email that made big news, but at least by getting into the news in several big articles one can see that it was not all from metamask or Namecheap for denying it.
Email spoofing as attack for phishing is common and easy to manipulate, so people should always be cautious of any kind of emails legit or looks like legit that ask payments for any transaction that you never did.
As namecheap uses third party api for their emails, this will probably look like the ledger incident where millions of emails and personal data where get accessed.
legendary
Activity: 2464
Merit: 3548
Buy/Sell crypto at BestChange
February 15, 2023, 11:13:35 AM
#19
The repeated occurrence of such hacking proves two things. Either these services have become dependent on third parties. Those third parties do not assign themselves to develop security team, or that there is a huge bug in all these HW/SW and they do not know how to fix it, or that hackers have developed their methods and security methods are far away from it.

From now, I will stop trusting any email that comes from any service before  deeply checking the link provided.
hero member
Activity: 1442
Merit: 771
February 15, 2023, 06:44:00 AM
#18
If they know and understand that they should not entertain the idea of sending their private keys or passphrases to any site, they will have the idea that there is a possibility of phishing the most important thing here is knowledge and understanding the basic and cardinal rule of Cryptocurrency and that is not giving your private keys to any third party site the cardinal rule never change so always have suspicion when something is not right.
It's not uncommon to hear bad news from metamatask about phishing, even though it's not from the official party, but scammers always have a way to shock the public, including asking for private keys or other types.
It's true that what's important about a basic understanding of cryptocurrency is not to provide a private key because that's entirely our right to know, not other people or relatives.

Usually, phishing emails comes from a fake address, but in this case, this email came from the original email which may have caused people to believe in it. Not everyone will go on the internet and search if MetaMask requires KYC or not.
Likewise, I often see messages from fake emails with many variations, but this time it was indeed a stir from the namecheap support email that made big news, but at least by getting into the news in several big articles one can see that it was not all from metamask or Namecheap for denying it.
hero member
Activity: 2002
Merit: 633
Your keys, your responsibility
February 15, 2023, 12:46:50 AM
#17
I wonder how a hacker could hack into a well-known service provider's email and still use it for the kind of scam a school kid could think of?

That sounds impossible. But like most scammers in general they'll cast as many lines as they can. With the varying levels of security awareness of namecheap's customers, some of those who are also related to the crypto space may fall into this scam attempt.

This time maybe this scammer came out a little cool with that email domain, whereas before they could only use email forwarders that were automatically filtered to the spam folder.
hero member
Activity: 2856
Merit: 564
February 14, 2023, 06:31:04 PM
#16
Metamask has also announced on Twitter that this is a "SCAM" metamask has never asked for KYC nor any recovery seed phrases so this is clearly a scam from the phishing email.

But it's like the original Namecheap email, will every Namecheap user receive the email? I used to be a Namecheap user but I didn't receive any emails about this hot phishing.

Have there been any reports of this loss regarding scams launched via the Namecheap support email?

Even meta mask has announced about this scam on twitter and here also, it is being told through this thread but still there will be many people fall for this phishing scam, which is sad indeed.

Usually, phishing emails comes from a fake address, but in this case, this email came from the original email which may have caused people to believe in it. Not everyone will go on the internet and search if MetaMask requires KYC or not.

Ignorance excuses no one if you're a meta mask user and do not understand the concept of Cryptocurrency you'll always be in trouble so I ask all my friends and those who I refer here in this industry that they should take time and read a lot of take the basic principle of Cryptocurrency by heart if you want to be safe and save your portfolio, the Cryptocurrency community is the most targetted community by hackers because so many invest without understanding the underlying principles and security.
legendary
Activity: 2926
Merit: 1158
February 14, 2023, 03:24:32 PM
#15
Metamask has also announced on Twitter that this is a "SCAM" metamask has never asked for KYC nor any recovery seed phrases so this is clearly a scam from the phishing email.

But it's like the original Namecheap email, will every Namecheap user receive the email? I used to be a Namecheap user but I didn't receive any emails about this hot phishing.

Have there been any reports of this loss regarding scams launched via the Namecheap support email?

Even meta mask has announced about this scam on twitter and here also, it is being told through this thread but still there will be many people fall for this phishing scam, which is sad indeed.

Usually, phishing emails comes from a fake address, but in this case, this email came from the original email which may have caused people to believe in it. Not everyone will go on the internet and search if MetaMask requires KYC or not.
hero member
Activity: 1694
Merit: 719
Top Crypto Casino
February 14, 2023, 03:12:03 PM
#14
I just received this email from Namecheap on the recent unsolicited email, scammers are really this good they've been able to use the Namecheap support email to scam people, people should be discerning on every email that they receive that asks for linking up their wallet.

A big company's email is so easily hacked by hackers and it is a matter of concern when hackers use that email to scam people. The fact that the mail comes from the email address of such a big website like namecheap is enough to confuse crypto users. Because now many more popular websites may be hacked and scammers may try to scam the customers of that website in various ways.
sr. member
Activity: 686
Merit: 411
MetaWin.com
February 14, 2023, 02:38:40 PM
#13
Thank you shasan for this post. Although I have not received such mail yet but for the fact that you have created a thread for it, you have done well. There are million and one person's here that have no idea about this email circulating every where  but if they see this just as I have seen it now, they too would have the knowledge of what is happening and would be very cautious about such email if they eventually receive it. Hackers and scammers are now very  wise and smart that e will be thinking what they sent you is real and from the original source but unknown to you, they are hackers wanting to get your details so as to access your privacy and steal away your information. Every one must be careful the kind of mails they open and click on their system so as not to be victim of hackers
hero member
Activity: 1260
Merit: 515
February 14, 2023, 01:46:02 PM
#12
It seems their e-mail provider account was hacked. According to this news[1], other services also got hacked and send similar phishing emails such as DHL. They've stopped using Sendgrid according to the latest update, but it is unclear if the hacker also hacks other providers/services so better be careful. On the other hand, Twilio/Sendgrid claims there is no security incident in their system, so the exact reason is hard to figure out. Either one of them is lying, or both of them are at fault. Anyway, just don't click suspicious links from suspicious e-mails regardless of who sent them.

[1] https://www.bleepingcomputer.com/news/security/namecheaps-email-hacked-to-send-metamask-dhl-phishing-emails/

Yes, but I believed otherwise though, I think it has something to do with the Twilio hack, it's just obvious that they don't want to admitted it for now.

So the first lesson for us is that we shouldn't click any unfamiliar links, not even images or something as it is very dangerous for us specially if our machines get compromised by this cyber criminals and steal our hard earn crypto.
legendary
Activity: 1652
Merit: 1323
February 14, 2023, 01:38:23 PM
#11
Thank you, Shasan, for sharing this warning.
It is good that the Phishing links are not working now.

I see that, as Namecheap mentioned, its systems have not been hacked and that customers' products, accounts, and information are still safe. But the scammers sent spam messages by hacking into the email service provider's systems, and Namecheap blamed the upstream system, which is probably "SendGrid," according to the CEO of Namecheap on Twitter.

We all should not take any of our emails seriously and do our research before we submit our documents or send our private keys or recovery phrases even if the sender's email is official and belongs to MetaMask or others because scammers do not stop developing their methods.
legendary
Activity: 1540
Merit: 1274
February 14, 2023, 10:01:42 AM
#10
I wonder how a hacker could hack into a well-known service provider's email and still use it for the kind of scam a school kid could think of? At least he was using a service related to the company, such as resetting your email, writing down the password for your account, your website IP or anything that could be trusted.

All users should be careful when clicking on the email and reviewing whether there has been a hack or not?
hero member
Activity: 2786
Merit: 568
Leading Crypto Sports Betting & Casino Platform
February 14, 2023, 09:17:56 AM
#9
/skip//

I received one after a few hours I received emails coming from Namecheap on confirmation about this phishing mail, I've been a Namecheap for many years and this is the first time it happens.
I'm glad that they are quick to respond but this is very alarming and should be a cause of concern glad that they address it quickly I hope it will not happen again, checking the link for an update

[IN PROGRESS] EMAIL GATEWAY
My concern is for newbies who don't know anything while they can see from the official email Namecheap sent phishing links of course at least some of them will believe some don't but I hope that doesn't happen so many fall victim though we know the reason behind asking for KYC or seed phrase is a classic scam we see a lot.

I read the link and am glad they came back Namecheap clarified the issue meaning all is back to normal and ignored the email asking for KYC.

They are still investigating this issue so they will update this at a later date.

If they know and understand that they should not entertain the idea of sending their private keys or passphrases to any site, they will have the idea that there is a possibility of phishing the most important thing here is knowledge and understanding the basic and cardinal rule of Cryptocurrency and that is not giving your private keys to any third party site the cardinal rule never change so always have suspicion when something is not right.
hero member
Activity: 1330
Merit: 736
Top Crypto Casino
February 13, 2023, 11:01:41 PM
#8
What i received is different, it was a DHL delivery related email. It ask payment for shipping fee so it wont return to the seller which is a known scam idea, so i just ignore and move it to trashcan. I just bothered when namecheap email regarding the scam email which i thought it wasn't from them.

This is a 100% email spoofing which is easy to do by scammers/hackers.


hero member
Activity: 1442
Merit: 771
February 13, 2023, 11:38:06 AM
#7
/skip//

I received one after a few hours I received emails coming from Namecheap on confirmation about this phishing mail, I've been a Namecheap for many years and this is the first time it happens.
I'm glad that they are quick to respond but this is very alarming and should be a cause of concern glad that they address it quickly I hope it will not happen again, checking the link for an update

[IN PROGRESS] EMAIL GATEWAY
My concern is for newbies who don't know anything while they can see from the official email Namecheap sent phishing links of course at least some of them will believe some don't but I hope that doesn't happen so many fall victim though we know the reason behind asking for KYC or seed phrase is a classic scam we see a lot.

I read the link and am glad they came back Namecheap clarified the issue meaning all is back to normal and ignored the email asking for KYC.

They are still investigating this issue so they will update this at a later date.
legendary
Activity: 3192
Merit: 1198
#SWGT CERTIK Audited
February 13, 2023, 11:08:51 AM
#6
Metamask has also announced on Twitter that this is a "SCAM" metamask has never asked for KYC nor any recovery seed phrases so this is clearly a scam from the phishing email.

But it's like the original Namecheap email, will every Namecheap user receive the email? I used to be a Namecheap user but I didn't receive any emails about this hot phishing.

Have there been any reports of this loss regarding scams launched via the Namecheap support email?

I received one after a few hours I received emails coming from Namecheap on confirmation about this phishing mail, I've been a Namecheap for many years and this is the first time it happens.
I'm glad that they are quick to respond but this is very alarming and should be a cause of concern glad that they address it quickly I hope it will not happen again, checking the link for an update

[IN PROGRESS] EMAIL GATEWAY ISSUE
Quote
Update@: 00:08 UTC | 07:08 PM EST

Dear Customers,

We are glad to let you know that the mail delivery has been restored, so you should receive emails from Namecheap as usual from now on.

We continue to investigate the issue with the mailing of unsolicited emails. We will keep you updated on the matter.

Thank you for your patience and understanding.
hero member
Activity: 1442
Merit: 771
February 13, 2023, 09:24:46 AM
#5
Metamask has also announced on Twitter that this is a "SCAM" metamask has never asked for KYC nor any recovery seed phrases so this is clearly a scam from the phishing email.

But it's like the original Namecheap email, will every Namecheap user receive the email? I used to be a Namecheap user but I didn't receive any emails about this hot phishing.

Have there been any reports of this loss regarding scams launched via the Namecheap support email?
full member
Activity: 2240
Merit: 175
Chainjoes.com
February 13, 2023, 08:47:57 AM
#4
I just received this email from Namecheap on the recent unsolicited email, scammers are really this good they've been able to use the Namecheap support email to scam people, people should be discerning on every email that they receive that asks for linking up their wallet.

legendary
Activity: 2142
Merit: 1785
February 13, 2023, 08:47:33 AM
#3
It seems their e-mail provider account was hacked. According to this news[1], other services also got hacked and send similar phishing emails such as DHL. They've stopped using Sendgrid according to the latest update, but it is unclear if the hacker also hacks other providers/services so better be careful. On the other hand, Twilio/Sendgrid claims there is no security incident in their system, so the exact reason is hard to figure out. Either one of them is lying, or both of them are at fault. Anyway, just don't click suspicious links from suspicious e-mails regardless of who sent them.

[1] https://www.bleepingcomputer.com/news/security/namecheaps-email-hacked-to-send-metamask-dhl-phishing-emails/
copper member
Activity: 2128
Merit: 1241
Need a Bounty Manager? t.me/shasan32
February 12, 2023, 11:00:09 PM
#2
Reserve
Pages:
Jump to: