[German]There has been a security incident at Logitech. Logitech partners recently received a fraudulent email warning of the risk of an attack on a MetaMask wallet, but the message containing a phishing link. Logitech has now confirmed that an incident occurred a third party service provider.
Advertising
A suspicious MetaMask warning from Logitech
German blog reader Tobias contacted me recently and has sent the following screenshot of a message he claims to have received from Metamask Inc. in behalf of Logitech. Tobias wrote: "We are listed as an account with Logitech Partner."
The message contains an urgent warning that funds are at risk because Meta Mask recently suffered a cyber incident. Users are advised to update their wallets within 24 hours. Tobias has analyzed the mail header – the message has been send from an official Logitech account, used to contact Logitech partners.
The message was scam
I reported on the case in the German blog post "MetaMask-Warnung" an Logitech-Partner: Angeblich Sicherheitsvorfall? on August 1, 2025. The mail seems a bit strange, because MetaMask is a software cryptocurrency wallet that allows users to interact with the Ethereum blockchain and decentralized applications (dApps). It works as a browser extension and mobile app, providing a secure way to manage digital assets, send and receive cryptocurrencies, and connect to various dApps.
But Logitech partners are not the folks using MetaMask wallets to pay their vendor. A quick search led me to the MetaMask support articleI received an email claiming to be from MetaMask. Is it legit? that says: MetaMask never sends unsolicited emails. MetaMask does not and cannot engage in email correspondence with users unless they request it via support or sign up for marketing updates. When creating a MetaMask wallet, no personal data such as names, email addresses, or similar information is collected. I therefore classified the above message as a scam (attempted fraud).
Advertising
Cyber incident at third party service provider
The question was, how did the scammers get their hands on the list of Logitech partner email addresses? I haven't found any on August 1st 2025 an information about a security incident in which email addresses were lost. But there was a cyber incident at a third-party provider. The user who received the above email got hours later another email from Logitech.
Logitech informed the recipient about an unauthorized email send out by a Logitech service provider. The email contained a phishing link that should not be clicked on or used under any circumstances. Logitech has terminated the cooperation this the third party service provider after this incident.
Advertising
