Trezor Warns of Unauthorized Phishing Email Impersonating the Firm

Published: Jan 25, 2024
Written By:
Vignesh Karunanidhi
Milk Road Writer

Cryptocurrency hardware wallet maker Trezor recently detected a phishing email illegally posing as the company and contacting newsletter subscribers. Trezor managed to swiftly deactivate the malicious link sent from “[email protected]“.

However, the company still cautioned users not to enter their highly sensitive recovery seeds in any forms sent via email. The hardware wallet manufacturer asked that anyone compromised should immediately move funds to new, secure wallets.

Key Details:

  • An unauthorized phishing email accessed Trezor newsletter subscriber addresses.
  • The phishing email told users to update “assets” via a fake link, and not to disclose information.
  • Trezor disabled the email link, but some users may have exposed recovery seeds.
  • A potential data breach is still under investigation.
  • There is no direct wallet or fund access, but phishing remains a major threat.

Read more: Binance Founder CZ Denied Travel To UAE Despite $4.5B Equity As Security Offering

In an X thread, Trezor explained that an unnamed unauthorized individual managed to access a database containing the email addresses of newsletter members.

Hackers gain access to email of Trezor newsletter members

The email database was then abused to distribute the fraudulent email, utilizing Trezor’s mailing domain through the mailing service they rely on. Beyond email addresses, Trezor believes no further user data was breached. Investigations into the incident remain ongoing.

The phishing attempt told recipients their “assets” needed upgrading and warned them not to disclose personal information. It then directed them to a fake Trezor web portal, prompting users to enter their 12- or 24-word recovery seed phrases to access their funds.

Read more: SEC Crypto Enforcement Jumped 53% To 46 Actions In 2023

As the master keys to a crypto wallet, exposure to recovery seeds often leads to prompt drainage of accounts by attackers before victims can react. While the disabled link averted further issues, any users already compromised should immediately transfer funds to brand new secure wallets to prevent theft.

The incident underscores how the huge pools of user data accumulated by crypto firms continue to attract sophisticated hacking and phishing attempts. Trezor apologized for the legitimate worry caused and reminded users to never disclose recovery seeds, no matter the source.

Vignesh Karunanidhi

Vignesh has been a seasoned professional in the crypto space since 2017. He has been writing for over 6 years and specializes in writing and editing various types of crypto content, including news articles, long-form pieces, and blog posts, all focused on sharing the beauty of blockchain and crypto.

Vignesh Karunanidhi
Milk Road Writer
Vignesh has been a seasoned professional in the crypto space since 2017. He has been writing for over 6 years and specializes in writing and editing various types of crypto content, including news articles, long-form pieces, and blog posts, all focused on sharing the beauty of blockchain and crypto.