The developers of the non-custodial crypto wallet MetaMask warned users about phishing attacks through a third-party email service.
⚠️MetaMask does not collect KYC info and will never email you about your account!
Do not enter your Secret Recovery Phrase on a website EVER.
If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it & do not click its links!https://t.co/EP0HGZFOfo pic.twitter.com/4CDtne24OK— MetaMask 🦊💙 (@MetaMask) February 13, 2023
“MetaMask does not collect KYC-information and will never send you an email about your account! NEVER enter your recovery passphrase on a website. If you receive an email from MetaMask, Namecheap, or anyone else, please ignore it and do not click on the link,” wrote the MetaMask team.
Email service provider Namecheap has confirmed that malicious messages were sent through its service. According to the statement, email systems were not hacked and user data was not affected.
We have evidence that the upstream system we use for sending emails is involved in the mailing of unsolicited emails to our clients. It was stopped immediately.
— Namecheap.com (@Namecheap) February 13, 2023
Teams are continuing to investigate the incident and are warning users to double-check links from MetaMask or Namecheap. The developers of the latter noted that they cannot yet prevent the sending of fraudulent emails. They took the problem to the upstream service provider.
Hi, we have evidence that upstream system we use for sending emails is involved. Please ignore such emails and do not click on any links. Also, we have stopped the emails and contacted our upstream provider to resolve it: https://t.co/2xJ362KF0f
— Namecheap.com (@Namecheap) February 13, 2023
Recall that in early February, the MetaMask team added the option to change RPC-provider.
Found a mistake in the text? Select it and press CTRL+ENTER
ForkLog Newsletters: Keep your finger on the pulse of the bitcoin industry!