July 1, 2024 at 05:39AM
Phishing emails, purportedly from a router maker’s helpdesk portal, are targeting users who submit support tickets. The emails claim to be from MetaMask and urge users to update their accounts within 24 hours to prevent loss of access. The malicious URL included in the email redirects to a suspended webpage. Mercku customers are advised to avoid the manufacturer’s support portal and any related communications.
Based on the meeting notes, it seems that Mercku, a Canadian router manufacturer, is experiencing a compromise in their helpdesk portal, leading to the distribution of MetaMask phishing emails in response to support tickets. These emails advise users to update their MetaMask accounts and include a deceptive URL, directing users to a fraudulent website. The phishing emails are being auto-responded to support requests submitted to Mercku, posing a potential threat to the security of user accounts.
It is recommended that Mercku customers and prospects refrain from using the manufacturer’s support portal and avoid interacting with any communications originating from it. BleepingComputer has already contacted Mercku’s support and press teams to notify them of this compromise and seek additional information about the incident.