Metamask Warns Users Of Phishing Attack After Namecheap Hacker Starts Sending Emails

Metamask, the self-custodial cryptocurrency wallet that supports Ethereum-based tokens, has warned its users of potential phishing attacks following the email hack on Namecheap, a domain name registrar and web hosting company.

In a tweet Monday, Metamask asked users to exercise caution since a suspected phishing attempt was being carried out by malicious actors. It also reminded users that it never emails its customers about their accounts and does not gather Know Your Customer (KYC) information.

Users were asked not to click any links from emails sent by either Metamask or Namecheap.

"MetaMask does not collect KYC info and will never email you about your account," Metamask tweeted. "Do not enter your Secret Recovery Phrase on a website EVER. If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it & do not click its links!"

The warning came after Namecheap on Sunday uncovered misuse of one of its third-party services, which allowed cybercriminals to send unauthorized and malicious emails to Metamask users.

"We have evidence that the upstream system we use for sending emails is involved in the mailing of unsolicited emails to our clients. It was stopped immediately," Namecheap confirmed the hack in a tweet Sunday.

"We would like to assure you that Namecheap's systems were not breached and your products, accounts and personal information remain secure. We will update [the] status post once the issue is solved," the web hosting company added.

In another tweet, Namecheap confirmed the emails were stopped and that it had already communicated with its upstream provider to resolve the issue.

"We have evidence that [the] upstream system we use for sending emails is involved. Please ignore such emails and do not click on any links. Also, we have stopped the emails and contacted our upstream provider to resolve it," Namecheap said.

But, it looks like Metamask customers are not the only party affected by the Namecheap email hack.

A surge of phishing emails impersonating DHL also hit the inboxes of Namecheap customers over the weekend.

"Attempts have been made to defraud Internet shoppers by the unauthorized use of the DHL name and brand via email communications and graphics which appear, on the surface, to have originated from DHL," the logistics giant said on its website.

"In most cases, the communications concern the sale of consumer goods over the Internet where payment may be requested before the goods are delivered," it said, adding that "DHL does not request payment in this manner. DHL only collects money due for official DHL-related shipping expenses."