Key Insights
- Trezor cryptocurrency wallet users reported receiving phishing emails this week requesting they download a fake firmware update.
- Cybersecurity experts believe this is part of an ongoing phishing campaign attempting to steal users’ recovery seeds and access their crypto funds.
- While not yet confirmed, the phishing emails have sparked concerns that Trezor may have experienced a data breach, compromising thousands of customers’ information.
Cryptocurrency hardware wallet company Trezor is investigating a phishing scam targeting its users. The scam involves emails sent to Trezor customers asking them to download a fake firmware update containing malware.
The phishing emails were first reported on October 26 by blockchain investigator ZachXBT. Several Trezor users received emails from amministrazione@sideagroup.com asking them to install a firmware update to fix an issue.
This email address and request to download firmware are highly suspicious, as Trezor never asks users to enter their recovery phrase or download firmware updates directly.
Phishing Attack Raises Possibility of Trezor Customer Data Leak
The phishing attack likely stemmed from a data breach, either at Trezor or the shipping company Evri. The scam emails were sent to addresses associated with past Trezor purchases, indicating the hackers gained access to customer information.
This is just the latest cryptocurrency phishing scam as hackers become more sophisticated. Industry reports show a 40% increase in crypto phishing attacks this year alone. In September, a crypto investor lost $24 million in assets after falling for a phishing campaign.
Trezor is working to mitigate the effects of this scam. According to brand ambassador Josef Tetek, the company continuously monitors fake websites and educates users on phishing risks. Tetek warned users to never enter their recovery phrase into a website or app, as this can lead to immediate theft of funds.
Cryptocurrency holders should be vigilant about phishing attempts like this. Check email addresses closely, never enter your recovery phrase anywhere, and confirm legitimacy before downloading anything related to your crypto wallets. As hackers create more deceptive phishing tactics, education is our best protection.
Meet Samson Ononeme, a dynamic writer, editor, and CEO of marketsxplora.com. With a passion for words and a sharp business acumen, he captivates readers with captivating storytelling and delivers insightful market analysis.