OpenSea user email addresses leaked! Be cautious of phishing attacks.

OpenSea announced yesterday that users' email data has been leaked, cautioning against malicious actors using fake email addresses for phishing attacks.

OpenSea User Email Leak

According to an announcement from OpenSea, an employee of their Email service provider Customer.io misused their employee privileges to download Email information and share it with unauthorized third parties, potentially leading to a leak of personal information for users who had previously provided their OpenSea Email addresses. OpenSea is currently collaborating with law enforcement to investigate the matter.

Due to the Email address leak, there is a significantly increased risk of phishing attacks using Email. OpenSea also emphasizes that their Email domain is opensea.io and advises users to be cautious and not fall for scams.

OpenSea has provided several security recommendations to help users avoid potential losses resulting from this incident.

1. Beware of phishing emails attempting to impersonate OpenSea: OpenSea's Email domain is: opensea.io, any other is fraudulent.
2. Avoid downloading any content from OpenSea emails: Legitimate OpenSea emails will not contain attachments or request users to download any files.
3. Check the URL of any links in OpenSea emails: OpenSea emails will only contain hyperlinks directing to email.opensea.io. Ensure opensea.io is spelled correctly.
4. Do not share or confirm passwords and wallet recovery phrases: OpenSea will never ask users for this information in any way.
5. Do not sign any wallet transactions directly from email links: OpenSea emails will never include links that prompt signing wallet transactions.

If encountering any issues or suspicious activity, users can report through the customer support center.