Email

MicroStrategy’s Saylor fuses work email address with Bitcoin Lightning

Fans of the Bitcoin bull have been transferring him 21 Satoshis as a way to test out the feature.

The Bitcoin (BTC) Lightning Network has integrated into the corporate email address of Michael Saylor, a Bitcoin bull and co-founder of business intelligence software firm MicroStrategy.

In an April 17 tweet, the former chief executive of the firm shared a screenshot with his 3 million Twitter followers of a few transactions sent to “saylor@microstrategy.com” from others in the form of Satoshis or “Sats” — the smallest denomination of Bitcoin.

MicroStrategy’s integration is enabled by the Lightning Address protocol, which allows users to link an “Internet Identifier” like an email address rather than having to copy wallet addresses or use QR codes.

It is unclear if MicroStrategy integrated the feature into all corporate emails at the firm.

The Lightning Network is a popular Bitcoin layer 2 scaling solution, capable of processing 1 million transactions per second (TPS) for a base fee of 1 Satoshi, or around four cents.

Saylor, who now serves as executive chairman at the firm, has been the mastermind behind MicroStrategy’s Bitcoin investment strategy, which aims to strengthen the firm’s balance sheet.

MicroStrategy has spent $4.17 billion to accumulate 140,000 BTC since the company began buying in March 2021. The firm’s average purchase price is $29,800, according to data from Buy Bitcoin Worldwide.

With the price of Bitcoin currently sitting at $29,400, MicroStrategy is down a mere 1.3% on its total investment.

However, the firm was in the green again for a short period of time last week when Bitcoin broke through the $30,000 mark.

Cointelegraph contacted MicroStrategy for comment on its plans to integrate the Lightning Network in more of its corporate email addresses but did not receive an immediate response.

Scam alert: Trezor warns users of new phishing attack

The new active phishing attack tries to steal Trezor users’ crypto by tricking investors into entering their recovery phrase on a fake Trezor site.

Hardware cryptocurrency wallet provider Trezor has warned its users about a new phishing attack targeting their crypto investments by trying to steal their private keys.

Trezor took to Twitter on Feb. 28 to caution users about an active phishing attack designed to steal investors’ money by making them enter the wallet’s recovery phrase on a fake Trezor website.

The phishing campaign involves attackers posing as Trezor and contacting victims via phone calls, texts or emails claiming that there has been a security breach or suspicious activity on their Trezor account.

“Trezor Suite has recently endured a security breach, assume all your assets are vulnerable,” the fake message reads, inviting users to follow a phishing link to “secure” their Trezor device.

“Please ignore these messages as they are not from Trezor,” Trezor declared on Twitter, emphasizing that the firm will never contact its customers via calls or SMS. The firm added that Trezor had not found any evidence of a database breach.

A fake SMS from scammers posing as Trezor. Source: Twitter

According to online reports, the latest phishing attack against Trezor customers was launched on Feb. 27, with users being directed to a domain asking to enter their recovery seed. The domain provides a perfectly-made fake Trezor website that prompts users to start securing their wallets by clicking the “Start” button.

A screenshot from a phishing domain copying Trezor’s website. Source: Bleeping Computer

After clicking the “Start” button, users will be asked to provide the recovery phrase for their cryptocurrency wallet.

The wallet’s recovery phrase, or private keys, is the most important part of self-custody, which means keeping your crypto in a software or hardware noncustodial wallet. The safety of the recovery phrase is more important than keeping the hardware wallet safe. Once the private keys are stolen, the crypto holdings no longer belong to their original owner.

The news came shortly after metaverse firm The Sandbox suffered a data breach on Feb. 26, resulting in a phishing email sent to users.

The latest phishing attack against Trezor customers is not the first scam of its kind. Trezor wallets were also targeted with phishing attacks in April 2022, with attackers contacting Trezor users posing as the company, asking them to download a fake Trezor app.

Such attacks are not exclusive to Trezor, though. In 2020, rival hardware wallet firm Ledger suffered a massive data breach, with attackers publicly exposing the personal information of more than 270,000 Ledger customers.

MetaMask issues scam alert as Namecheap hacker sends unauthorized emails

Web hosting company Namecheap detected the misuse of one of its third-party services for sending some unauthorized emails, which directly targeted MetaMask users.

Popular crypto wallet provider MetaMask warned investors against ongoing phishing attempts by scammers attempting to contact users through Namecheap’s third-party upstream system for emails.

On the evening of Feb. 12, web hosting company Namecheap detected the misuse of one of its third-party services for sending some unauthorized emails, which directly targeted MetaMask users. Namecheap described the incident as an “email gateway issue.”

In the proactive alert, MetaMask reminded its million followers that it does not collect Know Your Customer (KYC) information and will never reach out over an email to discuss account details.

The phishing emails sent by the hacker contain a link that opens a fake MetaMask website requesting a secret recovery phrase “to keep your wallet secure.”

The wallet provider advised investors to refrain from sharing seed phrases, as it hands complete control of the user’s funds to the hacker.

Namecheap further confirmed that its services were not breached and that no customer data was leaked in this incident. Within two hours of the initial intimation, Namecheap confirmed that its mail delivery was restored and that all communications would now be from the official source.

However, the main issue related to the mailing of unsolicited emails is still under investigation. Investors are advised to recheck website links, email addresses and points of contact when dealing with communications from MetaMask and Namecheap.

In response to Cointelegraph’s coverage on the subject, Namecheap confirmed being able to stop the fraudulent emails and contacted their upstream provider to resolve the issue from their end.

In January, a hacker used Google Ad services to steal nonfungible tokens (NFTs) and cryptocurrencies from investors.

NFT influencer NFT God lost “a life-changing amount” after accidentally downloading malicious software embedded in a Google advertisement.

The incident happened when the influencer used the Google search engine to download OBS, an open-source video streaming software. However, he clicked the link with a sponsored advertisement instead of the official link, which led to the loss of funds.

Crypto users claim Gemini email leak occurred much earlier than first reported

Alleged reports of compromised emails began appearing as early as October.

“Not handled well.” This was how one user described the revelations brought forth by Cointelegraph on Dec. 14 regarding the leak of 5.7 million Gemini customers’ email addresses and partial phone numbers. Shortly after publication, multiple users reached out to Cointelegraph alleging that the leak, which Gemini attributes to a “third-party incident,” happened much earlier than initially understood. 

Mysterious reports of users receiving targeted phishing emails began surfacing on the official r/Gemini subreddit in the weeks prior. In one thread dating back to November, Redditor u/DaveJonesBones claimed that he received a targeted phishing email from an address that was only registered on Gemini:

“It promoted a Cyberbroker NFT drop using Opensea branding. I think I also received one last month, but I deleted it without reading it. Today, I got the hump because I’d specifically opted-out to all marketing emails from Gemini.”

To which a Gemini representative responded:

“Reporting this to our security team. Thank you for letting us know.”

In another thread titled “Gemini is compromised. Gemini user data is being used for complex phishing attempts” from two weeks prior, u/Exit_127 claimed they received a phishing email from a MetaMask imposter regarding the need to “sync my wallet due to the merge.” The user also claimed that “I use email aliases so each online account has a specific email linked to it. This phishing attempt went to the email used by and only by my Gemini account.”

A similar thread by u/Opfu the prior week claimed that Gemini was already aware of the breach. As told by u/Opfu: 

“I just got an email claiming that my Exodus wallet was linked to the Binance exchange from Bermuda (phishing of course). I ONLY use that particular email address at Gemini. When I asked Gemini, they confirmed a breach at a third-party vendor. Customer emails and partial phone numbers. When I asked if they were planning on informing users, they said thanks for the feedback.”

Another user responded:

“The same thing happened to me as well. The email was definitely a phishing attempt. I was so confused how Exodus got my Gemini email address as well, so knew there must have been some compromised at some point…”

In an official statement, Gemini wrote that “no Gemini account information or systems were impacted as a result of this third-party incident, and all funds and customer accounts remain secure.” It also warned of “increased phishing campaigns” as a result of the third-party breach. The blog post did not mention the date of the security incident. Prior to publication, Cointelegraph reached out to a Gemini spokesperson, who declined to comment on the matter.

An alleged targeted phishing attempt sent to a Gemini email address dated Oct. 3, 2022. Source: Anonymous user

This is what your email could look like in Web3

The first generation of blockchain-based messaging platforms are attempting to address the missing pieces of Web3 adoption.

Forget about tracking decentralized autonomous organization votes, decentralized finance transactions, or data breaches across many channels and platforms. Your Web3 mailbox will handle it for you without requiring your phone number or legacy email address. Instead, your wallet address will receive and organize all this information.

At least, these are some of the promises made by Web3 communications companies attempting to build the first generation of blockchain-based messaging platforms: the Web2 experience with Web3 privacy and security, and, most importantly, focusing on Web3 problems.

A wallet’s monthly statements, transaction notifications and hack updates, for example, are some of the contents users could receive in their inbox, explained Swapnika Nag, co-founder of Hashmail — an India-based startup that launched in beta on Oct. 1.

The startup is now offering users the possibility to exchange emails through their existing wallet addresses. “That’s essentially an inbox which feels very much like email, but on the backend, you just connect with your wallet address and your messages,” noted Nag.

For native Web3 companies, the technology means an alternative to Telegram and Discord communication channels by providing a direct line with users, and also a potentially valuable marketing tool. For users, it adds an extra layer of protection against phishing attacks, and potentially offers token rewards via paid advertising and subscriptions received.

“In Web3, your point of access is your wallet, and that is what you log in with. Essentially, that is what most applications know about you,” said Nag.

Another company attempting to address the communication friction in the industry is EtherMail, a platform offering encrypted wallet-to-wallet communication. In August, EtherMail disclosed a $3 million seed funding led by Fabric Ventures and Greenfield One.

“Today, most users buy a token and speculate on its price without tapping into the community,” said an EtherMail representative to Cointelegraph, stating that straightforward communication may catalyze broader adoption by helping users to understand and engage with their chosen communities.

Similar to HashMail, EtherMail seeks to offer a paywall to filter spam and incentivize readers to profit from any advertising received, along with subscriptions and other resources for companies.

Despite its potential, Web3 emails don’t seem to be a threat to Web2 message providers in the short term, said Nag. But in the long run, we could see an increase in the adoption of Web3 native emails as users seek fundamental advantages, such as decentralized storage and privacy.

Web3 is a possible future version of the internet based on public blockchains, a record-keeping system best known for facilitating cryptocurrency transactions. The industry is expected to reach $81.5 billion in 2030, according to Emergen Research, but it still faces challenges, including security and interoperability.

Blockchain security firm warns of new MetaMask phishing campaign

Blockchain security firm Halborn has warned users of the latest phishing emails doing the rounds.

A cybersecurity firm has issued warnings over a new phishing campaign targeting users of the popular crypto wallet MetaMask.

In a Thursday post written by Halborn’s technical education specialist Luis Lubeck, the active phishing campaign used emails to target MetaMask users and trick them into giving out their passphrase. 

The firm analyzed scam emails it received in late July to warn users of the new scam. Halborn noted that at an initial glance, the email looks authentic with a MetaMask header and logo and with messages that tell users to comply with Know Your Customer (KYC) regulations and how to verify their wallets.

However, Halborn also noted there are several red flags within the message. Spelling errors and a fake sender’s email address were two of the most obvious. Furthermore, a fake domain called metamaks.auction was used to send the phishing emails.

Phishing attacks are social engineering attacks using targeted emails to lure victims into revealing more personal data or clicking links to malicious websites that attempt to steal crypto.

There was also no personalization in the message, the firm noted, which is another warning sign. Hovering over the call to action button reveals the malicious link to a fake website which prompts users to enter their seed phrases before redirecting to MetaMask to empty their crypto wallets.
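The sender-domain red flag described above can be checked mechanically. The following is an added example, not code from Halborn or MetaMask: it flags a From: domain whose brand label is identical or within a couple of edits (including a swapped pair of letters, as in metamaks) of a trusted domain. The allowlist, the edit threshold and the sample headers are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumption: the organisation's own allowlist of legitimate sender domains.
TRUSTED_DOMAINS = {"metamask.io"}
MAX_EDITS = 2  # brand labels within this many edits are treated as imitations


def osa_distance(a: str, b: str) -> int:
    """Edit distance where swapping two adjacent characters costs one edit."""
    rows = [[i + j if i * j == 0 else 0 for j in range(len(b) + 1)]
            for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            rows[i][j] = min(rows[i - 1][j] + 1,         # deletion
                             rows[i][j - 1] + 1,         # insertion
                             rows[i - 1][j - 1] + cost)  # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                rows[i][j] = min(rows[i][j], rows[i - 2][j - 2] + 1)  # transposition
    return rows[-1][-1]


def brand_label(domain: str) -> str:
    # Simplification: second-to-last label; production code should use the Public Suffix List.
    parts = domain.split(".")
    return parts[-2] if len(parts) >= 2 else domain


def classify_sender(from_header: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a From: header value."""
    _, address = parseaddr(from_header)
    _, at, domain = address.lower().rpartition("@")
    if not at or not domain:
        return "unknown"
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS):
        return "trusted"
    for trusted in TRUSTED_DOMAINS:
        if osa_distance(brand_label(domain), brand_label(trusted)) <= MAX_EDITS:
            return "lookalike"  # same or near-identical brand on a different domain
    return "unknown"


# Constructed sample headers; only metamaks.auction comes from the article.
SAMPLES = [
    "MetaMask <support@metamask.io>",
    "MetaMask <support@metamaks.auction>",
    "MetaMask Support <kyc@metamask.auction>",
    "Newsletter <news@example.org>",
]
if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):10} {header}")
```

The From: header is trivially forged, so a check like this complements SPF, DKIM and DMARC results rather than replacing them.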

Halborn, which raised $90 million in a Series A round in July, was founded in 2019 by ethical hackers offering blockchain and cybersecurity services.

In June, Halborn researchers discovered a case where a user’s private keys could be found unencrypted on a disk in a compromised computer. MetaMask patched the issue in extension versions 10.11.3 and later following the discovery.

However, there was no mention of the new email phishing threat on MetaMask’s Twitter feed at the time of writing.

Last week, Celsius users were warned of a phishing threat following the leak of customer emails by a third-party vendor employee.

In late July, security researchers warned of a new malware strain called Luca Stealer appearing in the wild. The information stealer has been written in the Rust programming language and targets Web3 infrastructure such as crypto wallets. Similar malware called Mars Stealer was discovered targeting MetaMask wallets in February.

Phishing risks escalate as Celsius confirms client emails leaked

It is not the first time Celsius’ customer emails have been exploited and leaked online.

Celsius depositors should be on the lookout for phishing scams after the company revealed some of its customer data had been leaked in a third-party data breach. 

On Tuesday, Celsius sent an email to its customers informing them that a list of their emails had been leaked by an employee of one of its business data management and messaging vendors.

According to Celsius, the breach came from an engineer at the Customer.io messaging platform, who leaked the data to a third-party bad actor.

“We were recently informed by our vendor Customer.io that one of their employees accessed a list of Celsius client email addresses,” said Celsius in its email to customers. The data breach is part of the same incursion that leaked OpenSea customer email addresses in June.

Celsius has, however, played down the incident, stating that it did not “present any high risks to our clients,” adding that they just wanted users to “be aware.”

On July 7, Customer.io wrote in a blog post that “We know this was a result of the deliberate actions of a senior engineer who had an appropriate level of access to perform their duties and provided these email addresses to the bad actor.” The employee has since been terminated.

The number of emails leaked was not disclosed, nor was the platform to which they were leaked.

However, the crypto community has started to warn Celsius users of phishing attacks which usually follow an email data breach.

Phishing is a form of social engineering in which targeted emails are sent to lure victims into revealing more personal data or clicking links to malicious websites that install malware to steal or mine crypto.

A similar data breach in April 2021 saw Celsius customers reportedly targeted by a fraudulent website claiming to be the official Celsius platform. Some received SMS and emails prompting them to reveal personal information and seed phrases.

At the time, the company reported that hackers had gained access to a third-party email distribution system it uses.

Perhaps the most famous crypto data breach was from hardware wallet provider Ledger, which had its servers hacked in 2020. The spewing of thousands of customers’ personal details on the internet resulted in untold losses and even physical threats for many victims, yet the company refused to compensate them.

Celsius email to customers on July 26.