Skip to main content

PSA: Watch out for phishing emails from genuine mailing lists, following Mailchimp hack

A Mailchimp hack means that you’ll want to be even more vigilant than usual about phishing emails. Attackers have taken a clever approach to making their emails appear genuine …

Background

When you subscribe to an email list, there’s a decent chance that the emails you received are actually sent by a company called Mailchimp, rather than directly by the company itself. Mailchimp offers companies a range of tools that make it easy to manage email databases, and send marketing emails and newsletters.

Mailchimp is an all-in-one Marketing Platform for small business. We empower millions of customers around the world to start and grow their businesses with our smart marketing technology, award-winning support, and inspiring content […]

Mailchimp was designed as an alternative to the oversized, expensive email software of the early 2000s. It gave small business owners who lacked the high-end tools and resources of their larger competitors access to technology that empowered them and helped them grow.

Although originally targeting small businesses, it is now used by some larger ones too.

Mailchip hack

Engadget reports that hackers managed to gain access to more than 100 Mailchip customer accounts, giving them the ability to send emails that would appear to have come from any one of those businesses. One of the affected email lists was that of cryptocurrency company Trezor, with attackers trying to gain access to their wallet credentials.

Trezor users over the weekend received emails claiming that their accounts were compromised in a data breach. The email included a purported link to an updated version of Trezor Suite, along with instructions to set up a new pin — though in actuality it was a phishing site meant to capture the contents of their digital wallets.

In a tweet on Sunday, Trezor confirmed that the emails were a part of a sophisticated phishing campaign by a malicious actor that targeted MailChimp’s newsletter database. “The Mailchimp security team disclosed that a malicious actor accessed an internal tool used by customer-facing teams for customer support and account administration,” Trezor wrote in a blog post.

Metaverse platform Decentraland said it was another of the accounts breached. The identity of the others is not yet known, but Mailchimp has contacted all affected companies, so we can expect more warnings to follow.

We recently outlined key cybersecurity precautions, including a warning never to click on links in emails, even if they appear genuine.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications