Bitcoin Forum

https://verification.metamask.io/KYC?id=000#64841111326

https://links.namecheap.com/u/click?_t=9a766a4fa5294d089b01463bac20344b&_m=1b699bc2cc4b4443902acbf08579a8e9&_e=GOqzxdKCe2yW5ALNwMNlGKI8mnal2JOhGtG8doDaX3WEay2S3F4qmqHdO8E4ivO0lKLmmsQcNBewiwSLFbECbIJvCC7stwH9d7a1GGV6Pxko-wt9k98db1QEf9EVT2vvc6-F3K4MyOXeca5R5oubY1yy7gTewyXzoZXjRAfopUxccBmpUEZ3PZhExySQVC-iOGTMW7T9xQ9dmd0sBMtVtOHCVS7CwdCT_O2yZajAssk%3D

Reserve

It seems their e-mail provider account was hacked. According to this news[1], other services also got hacked and send similar phishing emails such as DHL. They've stopped using Sendgrid according to the latest update, but it is unclear if the hacker also hacks other providers/services so better be careful. On the other hand, Twilio/Sendgrid claims there is no security incident in their system, so the exact reason is hard to figure out. Either one of them is lying, or both of them are at fault. Anyway, just don't click suspicious links from suspicious e-mails regardless of who sent them.

[1] https://www.bleepingcomputer.com/news/security/namecheaps-email-hacked-to-send-metamask-dhl-phishing-emails/

I just received this email from Namecheap on the recent unsolicited email, scammers are really this good they've been able to use the Namecheap support email to scam people, people should be discerning on every email that they receive that asks for linking up their wallet.

https://i.imgur.com/zaO7Guo.png

Metamask has also announced on Twitter (https://twitter.com/MetaMask/status/1625006237023866880) that this is a "SCAM" metamask has never asked for KYC nor any recovery seed phrases so this is clearly a scam from the phishing email.

But it's like the original Namecheap email, will every Namecheap user receive the email? I used to be a Namecheap user but I didn't receive any emails about this hot phishing.

Have there been any reports of this loss regarding scams launched via the Namecheap support email?

I received one after a few hours I received emails coming from Namecheap on confirmation about this phishing mail, I've been a Namecheap for many years and this is the first time it happens.
I'm glad that they are quick to respond but this is very alarming and should be a cause of concern glad that they address it quickly I hope it will not happen again, checking the link for an update

[IN PROGRESS] EMAIL GATEWAY ISSUE (https://www.namecheap.com/status-updates/archives/74848?utm_source=Iterable&utm_medium=email&utm_campaign=SERVICE_Platform_Unsolicited_Emails_20220212)

My concern is for newbies who don't know anything while they can see from the official email Namecheap sent phishing links of course at least some of them will believe some don't but I hope that doesn't happen so many fall victim though we know the reason behind asking for KYC or seed phrase is a classic scam we see a lot.

I read the link and am glad they came back Namecheap clarified the issue meaning all is back to normal and ignored the email asking for KYC.

They are still investigating this issue so they will update this at a later date.

What i received is different, it was a DHL delivery related email. It ask payment for shipping fee so it wont return to the seller which is a known scam idea, so i just ignore and move it to trashcan. I just bothered when namecheap email regarding the scam email which i thought it wasn't from them.

This is a 100% email spoofing which is easy to do by scammers/hackers.

https://talkimg.com/images/2023/11/14/zMgPl.png

If they know and understand that they should not entertain the idea of sending their private keys or passphrases to any site, they will have the idea that there is a possibility of phishing the most important thing here is knowledge and understanding the basic and cardinal rule of Cryptocurrency and that is not giving your private keys to any third party site the cardinal rule never change so always have suspicion when something is not right.

I wonder how a hacker could hack into a well-known service provider's email and still use it for the kind of scam a school kid could think of? At least he was using a service related to the company, such as resetting your email, writing down the password for your account, your website IP or anything that could be trusted.

All users should be careful when clicking on the email and reviewing whether there has been a hack or not?

Thank you, Shasan, for sharing this warning.
It is good that the Phishing links are not working now.

I see that, as Namecheap mentioned, its systems have not been hacked and that customers' products, accounts, and information are still safe. But the scammers sent spam messages by hacking into the email service provider's systems, and Namecheap blamed the upstream system, which is probably "SendGrid," according to the CEO of Namecheap on Twitter.

We all should not take any of our emails seriously and do our research before we submit our documents or send our private keys or recovery phrases even if the sender's email is official and belongs to MetaMask or others because scammers do not stop developing their methods.

Yes, but I believed otherwise though, I think it has something to do with the Twilio hack, it's just obvious that they don't want to admitted it for now.

So the first lesson for us is that we shouldn't click any unfamiliar links, not even images or something as it is very dangerous for us specially if our machines get compromised by this cyber criminals and steal our hard earn crypto.

Thank you shasan for this post. Although I have not received such mail yet but for the fact that you have created a thread for it, you have done well. There are million and one person's here that have no idea about this email circulating every where  but if they see this just as I have seen it now, they too would have the knowledge of what is happening and would be very cautious about such email if they eventually receive it. Hackers and scammers are now very  wise and smart that e will be thinking what they sent you is real and from the original source but unknown to you, they are hackers wanting to get your details so as to access your privacy and steal away your information. Every one must be careful the kind of mails they open and click on their system so as not to be victim of hackers

A big company's email is so easily hacked by hackers and it is a matter of concern when hackers use that email to scam people. The fact that the mail comes from the email address of such a big website like namecheap is enough to confuse crypto users. Because now many more popular websites may be hacked and scammers may try to scam the customers of that website in various ways.

Even meta mask has announced about this scam on twitter and here also, it is being told through this thread but still there will be many people fall for this phishing scam, which is sad indeed.

Usually, phishing emails comes from a fake address, but in this case, this email came from the original email which may have caused people to believe in it. Not everyone will go on the internet and search if MetaMask requires KYC or not.

Ignorance excuses no one if you're a meta mask user and do not understand the concept of Cryptocurrency you'll always be in trouble so I ask all my friends and those who I refer here in this industry that they should take time and read a lot of take the basic principle of Cryptocurrency by heart if you want to be safe and save your portfolio, the Cryptocurrency community is the most targetted community by hackers because so many invest without understanding the underlying principles and security.

That sounds impossible. But like most scammers in general they'll cast as many lines as they can. With the varying levels of security awareness of namecheap's customers, some of those who are also related to the crypto space may fall into this scam attempt.

This time maybe this scammer came out a little cool with that email domain, whereas before they could only use email forwarders that were automatically filtered to the spam folder.

It's not uncommon to hear bad news from metamatask about phishing, even though it's not from the official party, but scammers always have a way to shock the public, including asking for private keys or other types.
It's true that what's important about a basic understanding of cryptocurrency is not to provide a private key because that's entirely our right to know, not other people or relatives.

Likewise, I often see messages from fake emails with many variations, but this time it was indeed a stir from the namecheap support email that made big news, but at least by getting into the news in several big articles one can see that it was not all from metamask or Namecheap for denying it.

The repeated occurrence of such hacking proves two things. Either these services have become dependent on third parties. Those third parties do not assign themselves to develop security team, or that there is a huge bug in all these HW/SW and they do not know how to fix it, or that hackers have developed their methods and security methods are far away from it.

From now, I will stop trusting any email that comes from any service before  deeply checking the link provided.

Email spoofing as attack for phishing is common and easy to manipulate, so people should always be cautious of any kind of emails legit or looks like legit that ask payments for any transaction that you never did.
As namecheap uses third party api for their emails, this will probably look like the ledger incident where millions of emails and personal data where get accessed.

We have to check in more detail if suddenly an official email comes asking for a bill of payment or other private keys because I have experienced where there has been an incoming legitimate email with a bill printed even though I have never done anything after I checked more deeply about the suspicions so I ignored and after that they don't come again, so all forms that we suspect must be thoroughly examined whether it's true that we did it or there was email abuse on their part.

Namecheap's case is true it is their negligence that in the end, they will no longer believe.