Phishing Email Scams That Drained an Estimated $3.3 Million From Subscribers
Hey folks.
Mailerlite, am email marketing firm has confirmed that hackers have gained access to accounts of large web3 companies for the purpose of carrying out phishing email scams which is said to have drained an estimated amount of $3.3 million from subscribers.
The attack on January 23 targeted a small number of Web3 companies, including Cointelegraph.
Mailerlite shared details of how its system has been hacked through a social engineering attack targeting a customer support employee. The details were shared hours after the emails had been sent to subscribers.
According to the statement:
The team member, responding to a customer inquiry via our support portal, clicked on an image that was deceptively linked to a fraudulent Google sign-in page.
The attackers gained access to the internal admin panel of Mailerlite when the employee unintentionally authenticated access. Further control was gained by the hackers by resetting a particular user's password through the admin panel.
According to MailerLite, hackers got access to 117 accounts but only a small number were exploited to launch phishing campaigns.
The service provider issued a warning, stating that data belonging to its users and clients, including complete names, email addresses, and personal information posted to MailerLite, was affected.
Hive: @haveyoursay
X: www.x.com/newsintercept
Website: www.newsintercept.com
Posted Using InLeo Alpha