A recent MailChimp hack means you’ll need to be more aware and careful than ever when it comes to phishing emails. Attackers’ emails can now appear to be from the genuine source.
MailChimp is one of the largest marketing platforms around, offering a large range of tools that make it easy to manage contact information in a database, allowing users to send marketing newsletters and other emails to folks that sign-up for a company’s database.
While the company originally targeted small businesses, some larger companies also use it.
Engadget reports that hackers managed to gain access to more than 100 MailChimp customer accounts, which gives them the ability to send emails that would appear to have genuinely come from any of those 100 businesses. Attackers have already emailed folks on the mailing list of cryptocurrency company Trezor, attempting to gain access to the targets’ wallet credentials.
Trezor users over the weekend received emails claiming that their accounts were compromised in a data breach. The email included a purported link to an updated version of Trezor Suite, along with instructions to set up a new pin — though in actuality it was a phishing site meant to capture the contents of their digital wallets.
In a tweet on Sunday, Trezor confirmed that the emails were a part of a sophisticated phishing campaign by a malicious actor that targeted MailChimp’s newsletter database. “The MailChimp security team disclosed that a malicious actor accessed an internal tool used by customer-facing teams for customer support and account administration,” Trezor wrote in a blog post.
Metaverse platform Decentraland tweeted that its accounts were breached. MailChimp has contacted all affected companies but has not announced the names of the affected firms.
All users should be wary of any emails, not just from MailChimp. Never click on links or open attachments in unsolicited emails, even if they appear to be genuine.