OpenSea, one of the world’s largest NFT sales platforms, fell victim to a data breach that concerns all its users. Cyber security experts explained that all users should be very careful in the next process, because they can be exposed to phishing attacks with fake emails that look like OpenSea. So what happened?
As a matter of fact, the reason for the data breach in OpenSea is not the platform itself. According to the information obtained, OpenSea was working with a platform called “Customer.io” for e-mail newsletters and campaign management. It turns out that a Customer.io employee who looks after OpenSea’s business has copied and outsourced all the email records of users in OpenSea.
What can attackers do with just their email address?
If you have subscribed to OpenSea’s e-mail newsletter, you are now at risk. Because your e-mail address has also fallen victim to the leak. So what can attackers do with just their e-mail addresses? Let’s look at the answer to this question together.
Users who subscribe to the OpenSea email newsletter may start receiving fake emails that appear to come from OpenSea. The content of these emails is quite difficult to guess. Attackers may try to trick users under the pretext of earning rewards or inform them that the account is at risk. Whatever the content, the end result will be: Links will be found in the e-mails sent and these links will be requested to be reached. The user who clicks on that link will unwittingly become a victim.
36873
