Scam emails targeting Namecheap customers with DHL and MetaMask impersonations

Started by Domaining News, Feb 18, 2023, 02:42 AM

Previous topic - Next topic

Domaining NewsTopic starter

Namecheap's email service was hacked, and fake emails were sent out that resembled DHL and MetaMask.

The web hosting company and domain name registrar had its email system compromised and hundreds of fraudulent emails were sent under the guise of DHL and MetaMask. In December of last year, Namecheap's email platform SendGrid had its API credentials leaked, and it is believed that this attack is a continuation of that.

After SendGrid was compromised, hundreds of subscribers received false emails claiming to be from DHL and MetaMask. The DHL emails claimed that the user's package could not be delivered due to unpaid fees, while the MetaMask emails warned users about the suspension of their wallets unless they entered their Secret Recovery Phrase. Once these legitimate-looking fraudulent websites obtained the user information, hackers could use it as if it were their own.

The Namecheap support team released a statement acknowledging the issue and advising customers to ignore any suspicious emails and not click on any links. They also stated that they had stopped all emails, including Auth codes delivery, Trusted Devices' verification, and Password Reset emails, and contacted their upstream provider to resolve the situation. Two hours later, Namecheap added an update stating that mail delivery had been restored and they were continuing to investigate the matter of unsolicited emails.

It is important for users to be cautious of emails that ask for personal information or request actions, especially when they appear to come from legitimate sources. Always verify the authenticity of emails by checking with the company directly or visiting their official website.


Beware of scam emails that target Namecheap customers using impersonations of DHL and MetaMask. These fraudulent emails aim to deceive recipients into providing personal information or carrying out malicious actions.

It is crucial to be vigilant and cautious when receiving any email claiming to be from Namecheap, DHL, or MetaMask. Here are some important points to keep in mind:

1. Verify the sender: Check the email address of the sender to ensure it is legitimate. Scammers often alter email addresses slightly to appear genuine, so pay close attention to any discrepancies.

2. Watch for suspicious requests: Be cautious of any email requesting personal information, account details, passwords, or financial data. Legitimate companies would not ask for such information via email.

3. Check the email content: Look for signs of poor grammar, spelling errors, or generic greetings, as these are common indicators of scam emails. Legitimate companies typically have professional email communications.

4. Hover over links: Before clicking on any links within an email, hover over them to see the actual URL. Scammers often use deceptive links that redirect to fraudulent websites.

5. Be wary of urgent or threatening language: Scammers often create a sense of urgency or use intiŠ¼idation to prompt immediate action. Take your time to verify the authenticity of the email before proceeding.

In the case of suspicious emails targeting Namecheap customers specifically, it is advisable to report these incidents to Namecheap's support team. They can investigate and take appropriate action to protect their customers.

Additionally, staying informed about the latest scams and security practices can help you stay one step ahead of potential threats. Regularly check official communication channels, such as Namecheap's website or official social media accounts, for any updates or alerts about ongoing scams and how to protect yourself.

Here are a few more important points to consider:

Be cautious of email attachments: Scam emails may contain malicious attachments that can infect your computer or device with malware or ransomware. Avoid opening any attachments from unknown or suspicious sources.

Look for signs of unprofessionalism: Pay attention to the overall presentation and tone of the email. Legitimate companies usually maintain a level of professionalism in their communications. Poor formatting, unusual language, or inconsistent branding can be red flags.

Keep your software up to date: Regularly update your operating system, antivirus software, web browsers, and other applications to ensure you have the latest security patches that protect against known vulnerabilities.

Educate yourself and others: Stay informed about the latest types of phishing scams and educate yourself on how to spot them. Share this knowledge with family, friends, and colleagues to help protect them as well.

Report suspicious emails: If you receive a scam email targeting Namecheap customers or any other phishing attempt, report it to Namecheap or the respective company being impersonated. You can also report it to your local authorities or cybersecurity organizations, such as the Anti-Phishing Working Group (APWG) or the Internet Crime Complaint Center (IC3).