Nansen Users Swamped With Phishing Emails After Data Leak

Brian Yue
Last updated: | 2 min read
Users who were sent the phishing emails were offered an “exclusive opportunity” to take part in a nonexistent “Nansen Airdrop.”
Source: Pixabay

Several users of the crypto analytics platform Nansen have reported receiving phishing emails from scammers after a data breach related to one of the firm’s third-party vendors.

On Thursday, crypto investigator Officer’s Notes posted on X to warn Nansen users of the scam.

“Users have reported receiving phishing emails from fake @nansen_ai today… stay safe!” Officer’s Notes said.

An attached screenshot showed that users who were sent the phishing emails were offered an “exclusive opportunity” to take part in a nonexistent “Nansen Airdrop.”

“Dear Nansen Explorer, Your account registered under the email address [censored email] is eligible to claim the Nansen Airdrop which is now live for the next 48 hours. This exclusive opportunity is available on a first-come, first-serve basis,” the email read.

The email further informed the recipients that, within the next 48 hours, they could supposedly claim a guaranteed allocated amount of counterfeit NANSEN tokens. The scammers included a link in the email, intending to redirect users to a potentially compromised website.

Scammers are disseminating phishing emails through an email address seemingly registered on, according to reports on X. At the time of writing, Nansen has not issued any public statements on the situation.

Officer’s Notes recommends reporting any suspected phishing links to databases like,, and, which could help diminish the success rates of such attacks.

Officer’s Notes also said that user data from a previous third-party database leak in September might have been used to target Nansen users.

Two months ago, a Nansen third-party vendor suffered a security breach, impacting nearly 7% of the system’s users. Those affected by the breach reportedly had their email addresses and passwords exposed, and in several cases, their blockchain addresses were also compromised.

Immediately after, Nansen stated its commitment to identifying and notifying those affected by the breach, urging them to change their passwords. Nansen also reassured users that their wallet funds remained unaffected by the incident.

Crypto investors are experiencing a surge in phishing emails following the recent leakage of user data from platforms like and TrueCoin.

Despite allegations of a database leak involving over 100,000 users, has refuted these claims.

“This is just someone scraping our public API that shows the association between public wallet addresses and public Twitter usernames,” wrote on X. “It’s like saying someone hacked you by looking at your public Twitter feed.”