Metamask has issued a note of warning to its users to be careful about a suspected phishing attempt being carried out by scammers. The wallet provider pointed out that the breach occurred from NameCheap’s system, opening up the scammers to the details of several users, including its own. In addition, Namecheap mentioned yesterday that it noticed that some of its third-party services had been breached, and some unsanctioned emails have been sent to users in the process.
Metamask refutes routine KYC checks
According to the statement released by Metamask, the firm noted that the malicious actors largely targeted emails of users attached to them. NameCheap also confirmed that it had suffered an issue with its email gateway, opening up users’ emails to malicious actors. In its statement, Metamask reminded its users that it would never carry out any KYC routine, and as such, users should not respond to any email to that effect.
The phishing link that the malicious actors sent to some users included a link that took users to a fake website built like Metamask. The website will then mandate users to enter their secret phase to complete their KYC and ensure the security of their accounts from bad actors.
NameCheap says the email system has been fixed
Metamask also mentioned that users should refrain from giving out or exposing their seed phrase to a third party. After the incident, NameCheap said its services were in perfect working condition as the hackers could not breach its security. The platform also mentioned that the affected email system had been fixed, and users will now get information directly from the official website. However, the company clarified that it is still looking into how the malicious actors found a loophole in the email service that exposed users’ details.
The website has also advised investors to crosscheck every website and link that they might be linking their wallets and entering their details before clicking on the approve button. This is another breach that has been occurring in the crypto sector as of late. At the beginning of the year, hackers stole digital assets and NFTs after they breached Google Ad services. A popular NFT influencer said he lost a huge amount to the bad actors after he mistakenly downloaded bad software. During the period, the influencer wanted to download a streaming app from google and ended up clicking a link which led to an ad instead of the original file.