The fraudulent emails invite Trezor owners to download a fake firmware update to supposedly fix a software issue. This mirrors tactics seen in prior Trezor phishing schemes.
According to ZachXBT, one user received the email at an address created specifically for their Trezor purchase six months ago. He suggested a potential data breach at Trezor or Evri, the UK delivery firm. He also shared the details of two other users who received the phishing mail.
Key details on the phishing scam:
- Originating email: firstname.lastname@example.org
- Urges firmware update download to fix fictional software issue
- Targets email tied to a prior Trezor order, indicating a possible data leak
- Multiple Reddit users also reported receiving the malicious emails
- Trezor is investigating the campaign
Trezor’s brand ambassador, Josef Tetek, acknowledged that the company is aware of the phishing effort. He stated that Trezor continually reports fake sites, contacts domain registrars, and educates users on the risks.
In one of their earlier blog posts from 2022, Trezor outlined the phishing email scam. Once users click the link in the phishing email, it leads them to a fake Trezor Suite app. This counterfeit app prompts them to connect their wallet and input their seed. Unfortunately, once they enter the seed into the app, it becomes compromised, and the funds are swiftly transferred to the attacker’s wallet.
Hardware wallets like Trezor provide one of the most secure ways to store cryptocurrency private keys offline. However, phishing remains a threat, tricking users into compromising their wallets or keys.
Trezor has battled many phishing attempts over the years. The company maintains a real-time blacklist of scam sites and guides users on identifying frauds.
In general, reputable crypto firms never initiate firmware or security upgrades via unprompted emails. Wallet users should go directly to official company sites for any required updates.