Nansen phishing emails flood crypto investors’ inboxes

Numerous users of the crypto analytics platform Nansen have received phishing emails from scammers pitching an “exclusive opportunity” to participate in the fictitious “Nansen Airdrop.”

On Nov. 23, crypto community members on X (formerly Twitter) flagged an ongoing phishing campaign targeting Nansen users. The scammers are impersonating Nansen and sending fake invitations to an exclusive airdrop event.

Cointelegraph confirmed the hack from crypto investigator Officer’s Notes (Officercia), who initially warned the community about the ongoing attack. He suspects that user data from a previous third-party database leak is being used to target Nansen users.

On Sept. 22, one of Nansen’s third-party vendors suffered a security breach, which affected nearly 7% of the system’s users. The users affected by the breach reportedly had their email addresses exposed, along with some password hashes, and several had their blockchain addresses compromised. At the time, Nansen claimed it would identify and inform those affected and ask them all to change their passwords. It also clarified that wallet funds were unaffected by the event.

Nansen phishing email. Source: @offiercia (X)

The screenshot of the Nansen phishing email shared with Cointelegraph shows the sender was “,” an email address completely unrelated to the original analytics platform.

It said that for the next 48 hours, users could claim a guaranteed allocated amount of fake NANSEN tokens. The scammers attached a link to the email, which would redirect users to a potentially rigged website.

Officercia advises reporting suspected phishing links to databases such as, and, which help the internet community reduce the success rates of such attacks.

Nansen has not responded to Cointelegraph’s request for comment.

Related: No ‘mass exodus of funds’ following Binance–DOJ settlement — Nansen

Even more crypto investors are potential phishing targets after user data from TrueCoin and FTX bankruptcy claims, among others, was leaked recently.

However, recently denied claims that its database of over 100,000 users was leaked. “It’s like saying someone hacked you by looking at your public Twitter feed,” explained the team, clarifying that the information came from scraping its public API.

Magazine: This is your brain on crypto: Substance abuse grows among crypto traders