The largest NFT marketplace in the world faced a human factor on the side of the email delivery provider Customer. As a result, the personal data of OpenSea users were “leaked” into the network. Phishing and other threats have emerged for compromised addresses.
The communications platform Customer can destroy its reputation forever because of the actions of just one employee who has abused the right to access the OpenSea user and subscriber email databases. It is established that he unloaded the received data and sent them to an “external unauthorized party”.
The company was forced to seek the assistance of law enforcement agencies to investigate and protect users. The Customer team is reportedly cooperating with the police and OpenSea.
Logically, the biggest potential threats to NFT sellers and collectors in the first place are now posed by emails. Therefore, basic recommendations for security when working with email were promptly prepared.
For starters, you should always be careful when opening emails. Hackers can use fake but similar OpenSea addresses to try to obtain your personal information illegally. There is only one official OpenSea address from which communication with clients is made. It is safer to send emails “from OpenSea” from any other addresses to the “Spam” folder immediately so that your mail agent does not allow repeated attacks by scammers.
The platform will never ask you to provide a password or seed phrase to your wallet and will not attach any attachments to emails that need to be downloaded. Also, please don’t click on hyperlinks without making sure they contain the correct OpenSea address.
Another simple rule: don’t sign anything from your wallet upon request from email. This practice is excluded on OpenSea, so getting such an offer is a guaranteed scam. Also, trust your intuition: if you have doubts when signing a transaction, just don’t do it.
When faced with a situation you do not understand, do not hesitate to contact the support team. There are no stupid questions, but there are actions you may regret later. Remember that blockchain transactions are irreversible.