>
Hackers have managed to use Namecheap’s inbox to send phishing emails to the company’s customers.
Namecheap users have flocked to Twitter to warn about the scam, which is posing as DHL or the cryptocurrency hot wallet, MetaMask. The DHL emails claimed that victims had to pay a delivery fee to receive a package, while the MetaMask email urged victims to complete the KYC (Know Your Customer) process or remove access to their wallets. to lose.
The company blamed a third party for the incident, but that third party denied being compromised.
Blaming the email delivery service
Both emails contained a link that redirected victims to a landing page designed to steal sensitive information.
Shortly afterward, Namecheap CEO Richard Kirkendall confirmed the company’s email compromise, saying the company had disabled sending via SendGrid while the investigation was ongoing. Sendgrid is an email delivery service that Namecheap commonly uses to send renewal notices and newsletters.
Later, Kirkendall blamed an “upstream system” for the incident, saying that Namecheap itself had not been compromised.
“We have evidence that the upstream system we use to send emails (third party) is involved in sending unsolicited emails to our customers. As a result, some unauthorized emails may have been received by you the company said. “We want to assure you that Namecheap’s own systems have not been breached and that your products, accounts and personal information remain safe.”
Kirkendall did not mention that upstream system, leading some sources to assume he was referring to SendGrid. However, the email delivery service said it wasn’t them, causing further confusion.
“This situation is not a result of a hack or compromise of the Twilio network,” said Twilio SendGrid. “We are still investigating the situation and cannot provide any additional information at this time.”
Through: Beeping computer (opens in new tab)