MetaMask Caution Users Against Scam KYC-seeking Emails

  • The company warned users against revealing their secret phrases.
  • Early this month, MetaMask introduced a new phishing detection feature.

The world’s leading Web3 wallet, MetaMask, took to Twitter today to caution the crypto community about an ongoing exploit where hackers send unauthorized emails to its users.

According to a screenshot the company shared, the scammers asked the targeted users to fill out a know-your-customer (KYC) form and confirm their secret recovery phrase in a fraudulent attempt to “keep users’ fund safe.”

MetaMask then proclaimed that it does not collect KYC info from users and will never send emails about their accounts. “If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it and do not click its links,” the company declared.

According to a report, the source of the unauthorized emails was the popular domain registrar NameCheap. The report said Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that attempted to steal recipients’ personal information and crypto wallets.

Namecheap CEO Richard Kirkendall confirmed the compromise and noted that they have disabled email through SendGrid while they investigated the issue.

Notably, MetaMask introduced new features to its privacy and security settings early this month to help with phishing detection and identifying transactions.

In other news, MetaMask announced that it would integrate with, powered by India’s biggest exchange, Bitbns, to grant Indian customers instant crypto access. According to the official statement, Indian MetaMask users will now be able to purchase crypto directly within the MetaMask mobile app using’s API, which supports various local payment methods.

Related Articles

Back to top button