According to a report by the foreign
cybersecurity news outlet BleepingComputer, a phishing campaign targeting the
general public has recently emerged. Attackers are sending out mass emails
impersonating the well-known foreign food delivery platform Grubhub. The email
content claims that the company is hosting a cryptocurrency promotion,
deceiving users into sending a specific amount of cryptocurrency to a
designated wallet address, and asserting that they can receive a tenfold return
on the original amount.

The phishing emails impersonating Grubhub
misuse the official logo and color scheme, and are sent through b.grubhub.com,
a legitimate subdomain used by Grubhub to contact merchant partners. Attackers
use email accounts such as merry-christmast@b.grubhub.com and
crypto-promotion@b.grubhub.com. The email content includes the recipient's name
to increase its credibility.

Grubhub officially stated that they have
detected these unauthorized messages impersonating Grubhub sent to merchant
partners, and have taken relevant measures to ensure that such incidents do not
occur again in the future.

Recommended cybersecurity measures:

1. Maintain a high level of suspicion toward any activity that promises
   high profits; legitimate enterprises will not require users to pay
   cryptocurrency in advance in exchange for rewards.
2. When receiving promotional emails that appear to come from an official
   source, be sure to verify them through formal channels such as the
   official website.
3. If the impersonated enterprise has experienced a data breach, the public
   should be alert that attackers may use the authentic information exposed
   in it to create personalized phishing emails.
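
Because the messages described above came from a legitimate Grubhub subdomain, a filter that only trusts the sender domain would let them through. The Python below is an added example, not code from BleepingComputer or Grubhub, that scores the message content instead; the trusted-domain set, signal patterns, threshold, sample messages, the benign sender address and the wallet string are all constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Assumption: sender domains a naive filter has been told to trust.
TRUSTED_SENDER_DOMAINS = {"b.grubhub.com"}

# Illustrative content signals for an advance-fee crypto lure (not exhaustive).
SIGNALS = {
    "wallet_address": re.compile(
        r"\b(?:bc1[a-z0-9]{25,59}|[13][a-km-zA-HJ-NP-Z1-9]{25,34}|0x[a-fA-F0-9]{40})\b"),
    "multiplied_return": re.compile(r"\b(?:\d+\s*(?:x|times)|tenfold|doubled?)\b", re.I),
    "crypto_term": re.compile(r"\b(?:crypto(?:currency)?|bitcoin|btc|ethereum|eth|usdt)\b", re.I),
    "payment_request": re.compile(r"\b(?:send|transfer|deposit)\b", re.I),
}

def analyze(raw: str) -> dict:
    """Return the sender-trust verdict and the content signals for one message."""
    msg = message_from_string(raw, policy=policy.default)
    domain = parseaddr(str(msg["From"] or ""))[1].rpartition("@")[2].lower()
    part = msg.get_body(preferencelist=("plain",))
    text = f'{msg["Subject"] or ""}\n{part.get_content() if part else ""}'
    hits = sorted(name for name, rx in SIGNALS.items() if rx.search(text))
    return {
        "sender_trusted": domain in TRUSTED_SENDER_DOMAINS,
        "signals": hits,
        # Several signals together form the lure pattern; one alone is common.
        "suspicious": len(hits) >= 3,
    }

# Constructed sample messages; the wallet string is a made-up placeholder.
LURE = """\
From: Grubhub <crypto-promotion@b.grubhub.com>
Subject: Holiday crypto promotion
Content-Type: text/plain; charset=utf-8

Hi Alex, send 0.1 BTC to bc1qexampleexampleexampleexampleexample00
and receive 10x back within the hour.
"""
BENIGN = """\
From: Grubhub <notices@b.grubhub.com>
Subject: Weekly order summary
Content-Type: text/plain; charset=utf-8

Your weekly order summary is ready. Sign in to the merchant portal to review it.
"""

if __name__ == "__main__":
    for name, raw in (("lure", LURE), ("benign", BENIGN)):
        print(name, analyze(raw))
```

Both samples pass the sender-domain check, and only the content signals separate them.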