Cryptocurrency wallet service MetaMask has issued a warning to its users following Namecheap’s detection of the misuse of one of its third-party services for sending some unauthorized emails to MetaMask users.
On the evening of February 12, the web hosting firm Namecheap discovered that one of their third-party services had been abused to send some unwanted emails that specifically targeted users of MetaMask. The event was referred to by Namecheap as an “email gateway problem.”
In the proactive notice, MetaMask informed its million followers that it does not gather Know Your Customer (KYC) information and never emails customers to inquire about their accounts.
The hacker’s phishing emails include a link that launches a phony MetaMask website and asks for a private recovery phrase “to keep your wallet safe.”
Investors were cautioned by the wallet provider to avoid disclosing seed phrases since doing so gives hackers full access to the user’s assets.
NameCheap additionally reaffirmed that neither its services nor any customer information were compromised in this event. Namecheap stated that the mail service had been restored and that all messages will now come directly from the official source two hours after the original notification.
The major problem with sending unwanted emails, though, is still being looked at. Investors dealing with messages from MetaMask and Namecheap are recommended to double-check website URLs, email addresses, and points of contact.
Namecheap acknowledged being able to halt the fake emails and contacted their upstream supplier to address the issue on their end.
