NFT Platform OpenSea Has Been Breached

Hacken Ecosystem
3 Minutes Read

The world’s first and largest NFT marketplace OpenSea has come under impersonation attacks after a massive leak of users’ emails. We will discuss OpenSea’s case in detail and help you recognize impersonation attacks.

OpenSea email breach

On June 29, OpenSea disclosed details about a customer data breach. It turns out that one of the employees of, the company’s email delivery vendor, shared access to email addresses with an unauthorized external party. These included the email addresses of OpenSea users and subscribers to the newsletter. The biggest NFT marketplace warns that any user who has shared their email address with OpenSea in the past is under threat.

The company reports working with its email vendor to investigate the breach and resolve the imminent threat. OpenSea has reported the incident to law enforcement. For now, OpenSea urges users to be careful because of the risk of impersonation attacks.

Talking about impersonation attacks, now scammers have access to more than a million of real email addresses of OpenSea users. This can only mean one thing: more phishing emails. Malicious actors could try contacting users posing as OpenSea.

Recognizing Impersonation Attacks

All users who have shared their email with OpenSea before are now potential targets of phishing scams that use impersonation. Here are a few effective tips on how to stay safe. These tips are not exclusive to OpenSea users. Opportunities for impersonation attacks are vast. For example, you have received an email from Binance. How to make sure that the email is coming from Binance and not from a malicious actor?

  1. The most important tip is to check the email address of the sender. It is no surprise that scammers would choose a domain that looks visually similar to the official. Go to their website or older legitimate emails and see what is the right domain. For example:
  1. Check for apparent inconsistencies between the Display Name and the Username. Display name is the way the email client shows a sender name. Please keep in mind that even legitimate email addresses may use subdomains.
❌ Address: [email protected] Display name: Binance
✅ Address [email protected] Display name: Binance
  1. The next risk is a phishing link. You have to make sure that the url is legitimate. The problem is authentic emails that have hyperlinks too. Also, links are often put inside buttons. Look for errors in spelling in the url or inconsistencies between the context of the email and where the link goes. On the desktop, hover over the link to see where it leads. On mobile, hold down the link until a pop-up appears.
  2. Look at the general quality of the email. Poor spelling and grammar, inconsistent fonts, images of low resolution should make you more suspicious. If you have received legitimate emails from the address before, new emails should be of the same quality.
  3. Do not download anything from the email. Reputable Web3 projects do not require users to download any attachments.
  4. The email asks for your response. The absolute majority of messages from legitimate Web3 projects are generated automatically and do not require your response:
This is an automated message, please do not reply. 
  1. Use these time-proven cybersecurity essentials from Hacken’s experts to protect your digital assets
Read more on HackenProof Blog