Trezor, a cryptocurrency hardware wallet company, is currently investigating a potential data breach due to an ongoing email phishing campaign.
On October 26, the anonymous blockchain investigator ZachXBT reported a phishing attack targeting Trezor users via his Telegram channel. ZachXBT cited a post on X (formerly Twitter) from the account JHDN, which raised concerns that Trezor might have experienced a breach.
— j (@JHDN) October 26, 2023
These concerns were based on the receipt of phishing emails sent to the specific email accounts used for purchasing Trezor wallets, suggesting a potential compromise of user data.
Users reported receiving phishing emails encouraging them to install an app from the domain’ trezor.us,’ which is different from the official ‘trezor.io’ domain.
Trezor is investigating the extent of the breach, and until further notice, users are advised not to click on links from unauthorized sources to safeguard their security. Trezor’s brand ambassador, Josef Tetek, confirmed the awareness of the phishing campaign and outlined the company’s ongoing efforts to combat such threats.
Trezor actively reports fake websites, contacts domain registrars, and educates users on the potential risks associated with phishing attacks.
“Users should never enter their recovery seed directly into any website or mobile app or type it into a computer. The only safe way to work with the recovery seed is as per the instructions shown on a connected Trezor hardware wallet.”
In a previous blog post from 2022, Trezor highlighted the modus operandi of a phishing email scam. Typically, these scams involve users clicking on a link in the email, which directs them to a fraudulent Trezor Suite app. This fake app then prompts users to connect their wallet and input their seed. Once the seed is entered into the app, it becomes compromised, enabling the attacker to swiftly transfer funds to their wallet.
While hardware wallets like Trezor are known for their security features, phishing remains a significant threat in the cryptocurrency space, as it can deceive users into compromising their wallets or private keys.
Crypto Community Faces Rising Threat of Phishing Attacks as Trezor Issues Warnings
Trezor has battled many phishing attempts over the years. The company maintains a real-time blacklist of scam sites and guides users on identifying frauds. It has also warned its users in the past about a new phishing attack targeting their crypto investments by trying to steal their private keys.
Early this year, Trezor took its X account to caution users about an active phishing attack designed to steal investors’ money by making them enter the wallet’s recovery phrase on a fake website. However, it is not only Trezos that is combating phishing. According to some cybersecurity reports, the number of cryptocurrency phishing attacks saw a 40% increase in 2022.
In 2020, rival hardware wallet firm Ledger suffered a massive data breach, with attackers publicly exposing the personal information of more than 270,000 Ledger customers. Also in September, a crypto whale fell victim to a massive phishing attack, losing millions of dollars in staked Ether on the liquid staking provider Rocket Pool.
The investor lost their entire address balance of Lido Staked ETH (stETH) and Rocket Pool ETH (rETH). At the time of the attack, the amount stolen was worth $15.5 million in stETH and $8.5 million in rETH, a staggering $24 million combined.
Cryptocurrency investors have been suffering from multiple phishing attacks, despite many efforts to curb such scams.