OpenSea warns customers that someone has stolen their email address.
NFT . Market Says(Opens in a new window) “I recently learned that an employee of Customer.io, our email delivery vendor, abused their employees’ access to download and share email addresses—provided by OpenSea users and subscribers to our newsletter—with an unauthorized third party.”
OpenSea says it is “working with Customer.io on its ongoing investigation” and has “reported this incident to law enforcement.” But people whose contact information has been compromised should be more vigilant about potential email-based phishing campaigns as a result of this leak.
The company says that OpenSea customers should be aware of emails coming from similar domains such as “opensae.io”, “opensea.org” and “opensea.xyz”; Refrain from downloading anything from emails that appear to come from OpenSea; And be wary of any links in these emails.
Recommended by our editors
OpenSea also reiterated that it will never ask users to “share or confirm your secret passwords or wallet phrases” or send emails containing “links that directly prompt you to sign a wallet transaction.” Any messages that violate these promises must be deleted immediately.
Like what are you reading?
sign for Security Monitor A newsletter of our top privacy and security stories delivered straight to your inbox.