Trezor, a prominent provider of cryptocurrency hardware wallets, is currently investigating a phishing campaign that has recently targeted its users. Reports of phishing emails received by users prompted this investigation.
On October 26th, an anonymous blockchain investigator known as ZachXBT raised the alarm about this phishing attack via his Telegram channel. The campaign was focused on Trezor customers, and concerns grew when a Twitter post from the account JHDN suggested that Trezor may have experienced a security breach due to the receipt of phishing emails on the specific email account used for wallet purchases.
The phishing email resembled previous attacks targeting Trezor users. In this case, users were urged to download the “latest firmware update” for their Trezor devices, ostensibly to fix a software issue. The email in question was reportedly sent from the address amministrazione@sideagroup.com.
ZachXBT warned users to exercise caution, as this incident raised the possibility of a data breach either at Trezor or Evri, a United Kingdom-based delivery company responsible for shipping Trezor devices. Furthermore, two other individuals on Reddit shared similar experiences of receiving the same phishing email on the same day.
It looks like Trezor may have been breached? @Trezor@zachxbt#Trezorpic.twitter.com/4lmjZE1Quk
— j (@JHDN) October 26, 2023
Trezor’s brand ambassador, Josef Tetek, acknowledged the ongoing phishing campaign and assured users that the company is actively investigating the matter. Tetek emphasized that Trezor takes security seriously and employs various measures to combat phishing attempts. These measures include reporting fake websites, contacting domain registrars, and educating and warning customers about known risks. The company has published informative articles to assist users in dealing with phishing attacks. One of these articles explains that phishing emails often lead to the download of an app resembling Trezor Suite, which then prompts users to connect their wallet and enter their recovery seed. The page warns that entering the seed in such an app compromises it, leading to an immediate transfer of funds to the attacker’s wallet.
![Crypto Wallet Trezor Investigates Phishing Campaign image 148](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/10/image-148.png?resize=720%2C259&ssl=1)
![Crypto Wallet Trezor Investigates Phishing Campaign image 148](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/10/image-148.png?resize=720%2C259&ssl=1)
Tetek also stressed that Trezor never requests users’ recovery seed, PIN, or passphrase and emphasized the importance of following the instructions displayed on a connected Trezor hardware wallet when dealing with the recovery seed.
Phishing attacks have remained a persistent challenge for cryptocurrency investors, despite efforts to mitigate such scams. In September, a significant cryptocurrency investor reportedly fell victim to a substantial phishing campaign, resulting in a loss of $24 million in crypto assets. Cybersecurity reports have indicated a 40% increase in cryptocurrency phishing attacks in 2022, underscoring the need for continued vigilance and awareness among cryptocurrency users.
ALSO READ
- Celsius creditors on high alert for phishing attacks as bankruptcy plan nears
- FBI Issues Warning About Phishing Scams and Social Media Account Hijackers