Email security, Vulnerability Management

Phishing campaigns launched after Namecheap breach

Share

Several phishing emails spoofing DHL or MetaMask have been sent in an attempt to exfiltrate personal data and cryptocurrency wallets after domain registrar Namecheap had its email account breached, reports BleepingComputer. Attackers behind the phishing campaigns have leveraged Namecheap's SendGrid account, which is used by the company for marketing email and renewal notice delivery, with the company disabling emails through the platform upon the discovery of the breach. Such an incident may have been associated with the reported exposure of API keys belonging to SendGrid, MailChimp, and Mailgun in mobile apps, according to Namecheap CEO Richard Kirkendall. "We would like to assure you that Namecheaps own systems were not breached, and your products, accounts, and personal information remain secure," said Namecheap in a statement. However, Twilio SendGrid refuted that the incident stemmed from a compromise of its systems. "We are aware of the situation regarding the use of our platform to launch phishing email and our fraud, compliance, and cyber security teams are engaged in the matter. This situation is not the result of a hack or compromise of Twilios network," said Twilio.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.