Nansen phishing emails flood crypto investors’ inbox

cointelegraph.com:

Numerous users of the crypto analytics platform Nansen have received phishing emails from scammers pitching an “exclusive opportunity” to participate in the fictitious “Nansen Airdrop.”

On Nov. 23, crypto community members on X (formerly Twitter) flagged an ongoing phishing campaign targeting Nansen users. The scammers are impersonating Nansen and sending fake invitations to an exclusive airdrop event.

Cointelegraph confirmed the hack from crypto investigator Officer’s Notes (Officercia), who initially warned the community about the ongoing attack. He suspects that user data from a previous third-party database leak is being used to target Nansen users.

On Sept 22, one of Nansen’s third-party vendors suffered a security breach, which affected nearly 7% of users in the system. The users affected by the breach reportedly had their email addresses exposed, along with some password hashes, and several had their blockchain addresses compromised. At the time, Nansen claimed it identify and inform those affected and asked all to change their passwords. It also clarified that wallet funds were unaffected by the event.

The screenshot of the Nansen phishing email shared with Cointelegraph shows the sender was “[email protected],” an email address completely unrelated to the original analytics platform.

It said that for the next 48 hours, the user could claim a guaranteed allocated amount of fake $NANSEN tokens. The scammers attached a link to the email, which would redirect users to a potentially rigged website.

Officercia advises reporting suspected phishing links to databases such as chainabuse.com, cryptoscamdb.org and phishtank.org, which helps the internet community reduce the success rates of such attacks.

Nansen has not