An employee of the OpenSea email provider, Customer.io, utilized their employee access to obtain and distribute email addresses with an unauthorized third party. Email addresses submitted by users or newsletter subscribers to OpenSea were affected.
If OpenSea suspects that your email address has been compromised, you will get an email from the domain ‘http://opensea.io. Please use caution. This information might be used by malicious actors to mimic OpenSea in email phishing efforts.
Here are a few crucial email security tips:
1) We will ONLY send you emails from the ‘http://opensea.io’ domain.
.‘ Be wary of efforts to imitate OpenSea by using tiny variants of our domain name, such as the one below:
1) We will ONLY send you emails from the domain ‘https://t.co/3qvMZjxmDB.’ Be aware of attempts to impersonate OpenSea through slight variations of our domain name, like below: pic.twitter.com/2tvgC6g3kD
— OpenSea (@opensea) June 30, 2022
2) NEVER DOWNLOAD FROM AN OPENSEA E-MAIL.
3) Examine the URL of any webpage referenced in an OpenSea email. Only links to ‘http://email.opensea.io.’ URLs will be included.
4) NEVER give out your seed phrase to anybody – we’ll never ask for it.
5) We will NEVER ask you to sign wallet transactions based on communications from us.
6) Carefully read whatever you sign with your wallet. If in doubt, don’t sign!
7) Do not respond to emails or files sent by strangers.
Leave this field empty if you're human:
