On 2/12/23 3:40 PM, Eric Kuhnke wrote:
https://www.namepros.com/threads/concerning-e-mail-from-namecheap.1294946/page-2#post-8839257
https://lowendtalk.com/discussion/184391/namecheap-hacked
It looks like a third party service they gave their keys to has been
compromised. I got several phishes that fully pass as legit Namecheap
emails.
https://www.namecheap.com/status-updates/archives/74848
If they actually gave them their own private keys, they clearly don't
get how that's supposed to work with DKIM. The right thing to do is
create a new selector with the third party's signing key. Private keys
should be kept... private.
Mike