Trezor Suffers Phishing Scam

Trezor users were the victim of a recent phishing effort. According to a tweet, the hardware wallet advised users not to open emails. Data breaches were recently verified by both MailChimp and BlockFi.

This happened after unscrupulous actors posing as the company sent out an email claiming that Trezorhad suffered a security breach that exposed some of its customers’ data. Users were then directed to download the most recent version of Trezor Suite through email.

Wow, @Trezor, this is the best phishing attempt I have seen in the last few years. I am really lucky I don't have Trezor, because if I had, I would probably actually download that update. pic.twitter.com/DaBN2Oix11
— Tomáš Kafka (@keff85) April 2, 2022

Because it was posted on Twitter, many users mistook the email for a real one. The company was able to clear up the situation, disclosing that the email did not come from Trezor, but rather from unauthorized actors unrelated to the company.

Trezor says it’s looking into “a potential data breach of an opt-in newsletter housed on MailChimp” in a tweet. It stated it received confirmation from MailChimp that the hack targeted crypto companies and advised users not to read any emails from “noreply@trezor.us.”

You think maybe it’s time to:
1. stop doxxing your users to insecure email saas vendors
2. implement PGP email. (Kraken does it)
— EndTheFUD (🖕Greenpeace) (@xi27pox) April 3, 2022

Given how genuine the phishing email appears to be, it’s conceivable that some people have felt for the con. The email was hailed by one of the recipients as the “greatest phishing attempt” he had seen in years.

Instead of trezor.io, the phishing email included a download link with trezor.us as the domain name. Investigations into the scope of the attack are still ongoing as of press time, however, Trezor has discontinued its newsletter pending more information.

MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.

We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected. 1/
— Trezor (@Trezor) April 3, 2022

Users should not open any email from Trezor till further notice, according to the hardware wallet, which has shut down certain domains that attackers could exploit. It further requested that users exclusively utilize anonymous email addresses for crypto-related transactions.

Several users, on the other hand, have chastised Trezor for using MailChimp for its email services. Some even compared it to Ledger, another hardware wallet that had its email list stolen due to a data breach. However, there are additional proposals for more secure mailing options.

Trezor was the first cryptocurrency hardware wallet to hit the market. It’s a hardware wallet that lets you store, send, and receive a variety of cryptocurrencies safely. SatoshiLabs, a firm based in the Czech Republic, introduced the wallet for the first time in 2014.

Trezor is a multi-currency wallet, which means it can hold a variety of different cryptocurrencies. This is useful if you have a portfolio with a range of cryptos, as you would normally have to keep each one separately in a wallet.

Also Read: Beware of OTP Bots!! How Can One Time Password Bots Steal Cryptocurrency

Join our Telegram Channel to get the best notification regarding Pricing Prediction, Trading Analysis, News, Blogs, and interviews.

JOIN NOW Don’t MIss

Also Read: Beware of OTP Bots!! How Can One Time Password Bots Steal Cryptocurrency

Related Posts