Many people may not be aware of SendGrid, but there is a good chance that you have received an email from them. SendGrid is a mass email service that is used by 180,000 companies worldwide including Uber, Pinterest, Spotify and Foursquare when companies wish to send mass email messages to their customers, such as when a company wants to alert customers to a service update. When you receive an email from SendGrid or other such mass email services, it appears that the message is being sent by the company with which you have an account, but it actually comes from SendGrid or other mass email services. Last week one of the companies that uses SendGrid had its SendGrid account hacked in an attempt to hack into the company’s account with Coinbase, a Bitcoin exchange. Although the company, unnamed by SendGrid, had its account with Coinbase hacked, according to SendGrid no Bitcoins were stolen. Last year a similar attack aimed at stealing Bitcoins from another SendGrid client, ChunkHost was foiled because, Chunkhost used dual factor authentication, preventing the hacker from accessing the Bitcoins in Chunkhost’s account even after the hackers had managed to steal ChunkHost’s password. More and more hackers are trying to hack into the accounts of users of mass email services such as SendGrid because it enables the hacker to make his or malware containing message appear to come from a trusted source.
Remember my motto, “trust me, you can’t trust anyone.” Merely because an email or text message appears legitimate or appears to come from a trusted email address is no reason to trust the message and click on links contained in the email or text message or download attachments to such emails or text messages. The risk is too great. Never click on links or download attachments unless you are absolutely sure that they are safe and legitimate. Even if you are protected by the latest security software, you are still not safe because the most updated anti-malware and anti-virus software is always at least a month behind the latest malware.