Trezor Users Targeted by Phishing Email Scam, ZachXBT Warns

Published: Oct 27, 2023
Written By:
Vignesh Karunanidhi
Milk Road Writer

Cryptocurrency hardware wallet maker Trezor is investigating a phishing email campaign targeting its users. Crypto sleuth ZachXBT revealed details of the scam on his Telegram channel.

The fraudulent emails invite Trezor owners to download a fake firmware update to supposedly fix a software issue. This mirrors tactics seen in prior Trezor phishing schemes.

According to ZachXBT, one user received the email at an address created specifically for their Trezor purchase six months ago. He suggested a potential data breach at Trezor or Evri, the UK delivery firm. He also shared the details of two other users who received the phishing mail.

Key details on the phishing scam:

  • Originating email:
  • Urges firmware update download to fix fictional software issue
  • Targets email tied to a prior Trezor order, indicating a possible data leak
  • Multiple Reddit users also reported receiving the malicious emails
  • Trezor is investigating the campaign

Trezor’s brand ambassador, Josef Tetek, acknowledged that the company is aware of the phishing effort. He stated that Trezor continually reports fake sites, contacts domain registrars, and educates users on the risks.

In one of their earlier blog posts from 2022, Trezor outlined the phishing email scam. Once users click the link in the phishing email, it leads them to a fake Trezor Suite app. This counterfeit app prompts them to connect their wallet and input their seed. Unfortunately, once they enter the seed into the app, it becomes compromised, and the funds are swiftly transferred to the attacker’s wallet.

Hardware wallets like Trezor provide one of the most secure ways to store cryptocurrency private keys offline. However, phishing remains a threat, tricking users into compromising their wallets or keys.

Trezor has battled many phishing attempts over the years. The company maintains a real-time blacklist of scam sites and guides users on identifying frauds.

In general, reputable crypto firms never initiate firmware or security upgrades via unprompted emails. Wallet users should go directly to official company sites for any required updates.

Vignesh Karunanidhi
Milk Road Writer
Vignesh has been a seasoned professional in the crypto space since 2017. He has been writing for over 5 years and specializes in writing and editing various types of crypto content, including news articles, long-form pieces, and blog posts, all focused on sharing the beauty of blockchain and crypto.