A new phishing campaign known as ‘PoisonSeed’ is targeting corporate email Marketing accounts to steal cryptocurrency. Hackers are compromising accounts on platforms like Mailchimp and SendGrid to send phishing emails that contain fake seed phrases, tricking users into draining their crypto wallets. The attack usually begins with the hackers identifying potential targets and sending convincing emails that look genuine. When victims follow the instructions and enter the provided seed phrases, they unknowingly give access to their digital assets. To stay safe, users should ignore urgent email requests and log in directly to their accounts to verify any alerts, avoiding any seed phrases that are suggested by others. Always create your own secure seed phrases.
A new phishing scam, known as ‘PoisonSeed’, is making waves in the cryptocurrency world. This campaign is targeting users by compromising corporate email Marketing accounts, leading to the distribution of emails that contain sensitive crypto seed phrases. These phrases can allow thieves to drain users’ cryptocurrency wallets if they fall victim to the scam.
According to reports from SilentPush, the PoisonSeed campaign is specifically aiming at well-known platforms like Coinbase and Ledger by hijacking accounts on services such as Mailchimp, SendGrid, HubSpot, Mailgun, and Zoho. The method follows recent hacking incidents, including the compromise of security expert Troy Hunt’s Mailchimp account and a notable attack on an Akamai SendGrid account that also targeted Coinbase users.
What’s unique about the PoisonSeed campaign is its sophisticated approach. Attackers identify valuable targets who have access to email Marketing accounts and then send them carefully crafted phishing emails designed to look legitimate. For instance, emails targeting Mailchimp customers have been found to come from mimicked domains like mail-chimpservices.com and mailchimp-ssologin.com, making them appear reliable.
Once a victim unwittingly provides their login details, attackers can exploit these accounts. They gain access to mailing lists and create new API keys, allowing them to control the compromised account even if victims change their passwords. The next step involves sending out fake alerts about critical crypto updates, such as a bogus transition to new wallet types, including fabricated Coinbase seed phrases.
It’s crucial to note that genuine platforms will never send pre-generated seed phrases. Victims who follow the scam’s instructions to enter these seed phrases into new wallets inadvertently grant attackers access to their funds.
To protect yourself from such phishing attempts, it’s essential to remain vigilant. Always verify urgent requests by logging into the actual site independently rather than clicking embedded links. Remember that secure wallet creation should always involve generating your own unique seed phrase, which you should never share with anyone.
If you think you might be a target, stay informed and practice caution. Cybersecurity is crucial, especially as cryptocurrency scams like PoisonSeed continue to evolve.
What is the PoisonSeed phishing campaign?
The PoisonSeed phishing campaign is a trick used by scammers to steal your crypto wallet information. They send fake emails that seem real and ask you to share your wallet seed phrases. If you give them your seed phrase, they can access your cryptocurrency and steal it.
How can I spot a PoisonSeed phishing email?
You can look out for these signs of a PoisonSeed phishing email:
– Unusual sender addresses that don’t match official websites.
– Poor grammar or spelling mistakes in the email.
– Urgent messages asking you to act quickly.
– Links that lead to unknown websites instead of official ones.
What should I do if I received a suspicious email?
If you get a suspicious email, don’t click on any links or provide any information. Delete the email immediately. You can also report it to your email provider to help others avoid the scam.
How can I protect my wallet from phishing attacks?
To protect your wallet from phishing attacks, remember these tips:
– Never share your wallet seed phrase.
– Use two-factor authentication for added security.
– Keep your email and wallet software updated.
– Always verify the source before clicking links in emails.
What should I do if I shared my seed phrase?
If you accidentally shared your seed phrase, act fast. Move your assets to a new wallet immediately. It’s important to create a new wallet with fresh seed phrases and enable stronger security measures to safeguard your cryptocurrency.
