On Sept. 22, one of Nansen’s third-party vendors suffered a security breach, which exposed the email addresses of 7% of the system’s users.
Numerous users of the crypto analytics platform Nansen have received phishing emails from scammers pitching an “exclusive opportunity” to participate in the fictitious “Nansen Airdrop.”
On Nov. 23, crypto community members on X (formerly Twitter) flagged an ongoing phishing campaign targeting Nansen users. The scammers are impersonating Nansen and sending fake invitations to an exclusive airdrop event.
Cointelegraph confirmed the hack from crypto investigator Officer’s Notes (Officercia), who initially warned the community about the ongoing attack. He suspects that user data from a previous third-party database leak is being used to target Nansen users.
On Sept. 22, one of Nansen’s third-party vendors suffered a security breach, which affected nearly 7% of the system’s users. The users affected by the breach reportedly had their email addresses exposed, along with some password hashes, and several had their blockchain addresses compromised. At the time, Nansen claimed it would identify and inform those affected and ask them all to change their passwords. It also clarified that wallet funds were unaffected by the event.
The screenshot of the Nansen phishing email shared with Cointelegraph shows the sender was “mail@networkforgood.com,” an email address completely unrelated to the original analytics platform.
Nansen told Cointelegraph that non-Nansen users, who were part of the breached data set, have also received the phishing emails. Citing similar reports from various other companies, the spokesperson said:
“It may be an industry-wide trend where malicious actors are increasing their activity in this space as market conditions improve.”
It said that for the next 48 hours, users could claim a guaranteed allocated amount of fake NANSEN tokens. The scammers attached a link to the email, which would redirect users to a potentially rigged website.
Officercia advises reporting suspected phishing links to databases such as chainabuse.com, cryptoscamdb.org and phishtank.org, which help the internet community reduce the success rates of such attacks.
Nansen reminded readers to always double-check the domains and URLs to confirm the identity of the sender.
Even more crypto investors are potential phishing targets after user data from TrueCoin and FTX bankruptcy claims, among others, was leaked recently.
However, Friend.tech recently denied claims that its database of over 100,000 users was leaked. “It’s like saying someone hacked you by looking at your public Twitter feed,” explained the Friend.tech team, clarifying that the information came from scraping its public API.