he web hosting company Namecheap was the latest victim of a combined hacking and phishing attack. In this attack, cybercriminals hacked into SendGrid, Namecheap’s email service. Then, they used SendGrid to impersonate businesses by hacking into their email services.
To start the scam, cybercriminals sent emails with links that led to fake websites. These websites looked real and were even hosted by Namecheap’s web hosting service. If you were to visit these websites, you’d be asked for your personal information, payment details, and login credentials. Unfortunately, cybercriminals could then use this information for their own malicious purposes.
Follow the tips below to stay safe from similar scams:
- Never click a link in an email that you aren’t expecting. Instead, open your internet browser and navigate to the organization’s official website.
- Even if the sender’s email address is from a trusted domain, the email could be fake. Cybercriminals can gain access to trusted domains to make their scams more believable.
When you receive an email, stop and look for red flags. For example, watch out for emails that were sent outside of business hours and emails that contain spelling or grammatical errors.
Stop, Look, and Think. Don’t be fooled.
Protect your network! Learn more about security awareness training for your team.