Security Tip of the Week - Hiding Behind Namecheap

Cybercriminals recently combined hacking and phishing in an attack against Namecheap. Don’t fall for this tricky scam!

The web hosting company Namecheap was the latest victim of a combined hacking and phishing attack. In this attack, cybercriminals hacked into SendGrid, Namecheap’s email service. Then, they used SendGrid to impersonate businesses by hacking into their email services. 

To start the scam, cybercriminals sent emails with links that led to fake websites. These websites looked real and were even hosted by Namecheap’s web hosting service. If you were to visit these websites, you’d be asked for your personal information, payment details, and login credentials. Unfortunately, cybercriminals could then use this information for their own malicious purposes.

Follow the tips below to stay safe from similar scams:

• Never click a link in an email that you aren’t expecting. Instead, open your internet browser and navigate to the organization’s official website.
• Even if the sender’s email address is from a trusted domain, the email could be fake. Cybercriminals can gain access to trusted domains to make their scams more believable.
• When you receive an email, stop and look for red flags. For example, watch out for emails that were sent outside of business hours and emails that contain spelling or grammatical errors.

Stop, Look, and Think. Don’t be fooled.

KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.

DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.