1 year ago
Trezor’s marque ambassador Josef Tetek emphasized that the hardware wallet steadfast ne'er asks for users’ betterment seed, PIN oregon passphrase.
Cryptocurrency hardware wallet supplier Trezor is investigating the caller phishing campaign arsenic users study getting phishing emails.
The anonymous blockchain sleuth ZachXBT took to his Telegram transmission connected Oct. 26 to alert users to a phishing onslaught targeting Trezor customers.
ZachXBT referred to an X (formerly Twitter) station from the relationship JHDN, which alleged that Trezor whitethorn person been breached aft receiving phishing emails connected the email relationship utilized specifically for buying the wallet.
In a akin mode to some Trezor-related phishing attacks successful the past, the phishing email invites users to download the “latest firmware update” to users’ Trezor devices successful bid to “fix an contented successful software.” According to the poster, the malicious email was sent from the email [email protected].
It looks similar Trezor whitethorn person been breached? @Trezor @zachxbt #Trezor pic.twitter.com/4lmjZE1Quk
— j (@JHDN) October 26, 2023“Be cautious this idiosyncratic conscionable received a phishing email to the email code associated with their Trezor purchase,” ZachXBT wrote, adding that the societal media study could constituent to a imaginable information breach for Trezor oregon Evri, the United Kingdom transportation institution that ships Trezor devices.
ZachXBT mentioned that 2 different radical connected Reddit complained astir the aforesaid Trezor phishing email today.
According to Trezor’s marque ambassador Josef Tetek, the steadfast is alert of the ongoing phishing run and is actively looking into it.
“We continuously study fake websites, interaction domain registrars, and amended and pass our customers of known risks,” Tetek said, referring to aggregate articles aiming to assistance users woody with phishing attacks. One specified nonfiction says that phishing emails often redirect to download a Trezor Suite lookalike app that volition inquire users to link their wallet and participate their seed.
Related: Scammers make Blockworks clone tract to drain crypto wallets
“The effect is compromised erstwhile you participate it into the app, and your funds volition past beryllium instantly transferred to the attacker's wallet,” the leafage reads.
Tetek emphasized that Trezor ne'er asks for users’ betterment seed, PIN, oregon passphrase, adding:
“Users should ne'er participate their betterment effect straight into immoderate website, oregon mobile app oregon benignant it into a computer. The lone harmless mode to enactment with the betterment effect is arsenic per the instructions shown connected a connected Trezor hardware wallet.”Cryptocurrency investors person been suffering from aggregate phishing attacks contempt galore efforts to curb specified scams. In September, a ample crypto capitalist reportedly fell unfortunate to a monolithic phishing campaign, losing $24 cardinal worthy successful crypto assets. According to immoderate cybersecurity reports, the fig of cryptocurrency phishing attacks saw a 40% increase successful 2022.
Additional reporting by Cointelegraph writer Felix Ng.
English (US) 