Sunday, May 26, 2024

OpenSea alerts users of data breach, phishing attacks.

OpenSea has warned users about a data breach that could lead to phishing attacks. In a blogpost, Cory Hardman, the head of security at OpenSea, said an employee of Customer.io had misused the employee access to download and share email addresses provided by the NFT marketplace’s users and subscribers to the company’s newsletter. There was an “unauthorized external party”.

The blog post called out to users who had shared their email with OpenSea in the past that they should assume that they were impacted. OpenSea is working with Customer.io in the ongoing investigation. This incident has also been reported to law enforcement.

OpenSea also warned about possible phishing attacks by hackers using a domain name similar to the official opensea.io – such as “opensea.org” or “opensae.io”. The NFT marketplace explained that because the data compromise includes email addresses, there may be a heightened likelihood of email phishing attempts. It strongly recommended for users to follow a set of guidelines:

  1. Not to download anything from OpenSea email: it should be noted that authentic email accounts do not include attachments or requests to “download anything”.
  2. Be wary of phishing emails from addresses: the platform will only send emails to users from the domain “opensea.io”. Do not engage with any other email claiming to be from OpenSea.
  3. Check the URL of any page linked to OpenSea email: the platform only includes hyperlinks to “email.opensea.io” URLs. Make sure to spell “opensea.io” correctly as hackers impersonate the URLs by shuffling letters. Be extra careful.
  4. Never share, reveal or confirm passwords or secret wallet phrases: OpenSea “never” requires this of users.
  5. Never sign a wallet transaction directly from an email: the platform’s emails will never contain links that prompt you to sign a wallet transaction.

The latest incident comes after OpenSea’s former head of product Nathaniel Chastain was indicted by the Department of Justice with insider trading in connection to NFTs.

Cryptured Team
Cryptured Team
The writers team at Cryptured.com is composed of passionate and experienced journalists who cover the latest developments in the crypto and blockchain space. They aim to provide accurate, unbiased and easy-to-understand news and information for their readers, as well as insights and analysis from industry experts. The writers team is always on the lookout for new and exciting stories that can help the general public learn more about the potential and challenges of these technologies.
RELATED ARTICLES

Most Popular