Several phishing emails spoofing DHL or MetaMask have been sent in an attempt to exfiltrate personal data and cryptocurrency wallets after domain registrar Namecheap had its email account breached, reports BleepingComputer.
Attackers behind the phishing campaigns have leveraged Namecheap's SendGrid account, which is used by the company for marketing email and renewal notice delivery, with the company disabling emails through the platform upon the discovery of the breach.
Such an incident may have been associated with the reported exposure of API keys belonging to SendGrid, MailChimp, and Mailgun in mobile apps, according to Namecheap CEO Richard Kirkendall.
"We would like to assure you that Namecheaps own systems were not breached, and your products, accounts, and personal information remain secure," said Namecheap in a statement.
However, Twilio SendGrid refuted that the incident stemmed from a compromise of its systems.
"We are aware of the situation regarding the use of our platform to launch phishing email and our fraud, compliance, and cyber security teams are engaged in the matter. This situation is not the result of a hack or compromise of Twilios network," said Twilio.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news