Hardware wallet provider Trezor has reported an unauthorized phishing attempt aimed at its users.
Hardware wallet provider Trezor has reported an unauthorized phishing attempt aimed at its users. The attack involved malicious emails impersonating Trezor and urging users to upgrade their “network” or risk losing their funds.
The company has deactivated the malicious link and advised affected users to transfer their funds to new wallets.
Phishing attempt detected
Trezor, a well-known provider of hardware wallets for cryptocurrency storage, has identified a phishing attempt targeting its users. The company confirmed that the attack was carried out through an unauthorized email sent from a third-party email provider used by Trezor.
In the malicious email, users were instructed to upgrade their “network” to avoid losing their funds. A deceptive link in the email led users to a webpage where they were prompted to enter their seed phrase.
Trezor has not yet confirmed whether users have fallen victim to the phishing attempt. However, the company assured users that their funds remained secure if they had not entered their recovery seed. For those who did disclose their seed phrase, Trezor strongly recommends transferring their funds to a new wallet immediately.
Unauthorized access to email database
The investigation conducted by Trezor suggests that an unauthorized individual gained access to the company’s database of email addresses, which primarily consists of newsletter subscribers.
https://twitter.com/Trezor/status/1750269235102634084
This perpetrator then utilized a third-party email service to send out the malicious emails on behalf of Trezor.
This incident has raised concerns about the security of user data and the potential risks associated with third-party service providers. While Trezor has taken measures to address the situation, it highlights the importance of robust cybersecurity measures to protect user information and assets in cryptocurrency.
Some experts believe this phishing attempt may be connected to a recent security breach involving Trezor’s support portal. On January 17, the company disclosed that the contact information of approximately 66,000 users had been exposed.
Trezor quickly took action to restrict unauthorized access and notified affected users at that time.
The connection between the security breach and the phishing attempt is speculative, but it underscores the vulnerability of user data in the cryptocurrency industry. Companies and users alike must remain vigilant in safeguarding sensitive information and assets.
Cybersecurity incidents on the rise
It is worth noting that this phishing attempt on Trezor users is not an isolated incident. The cryptocurrency industry has witnessed a surge in cyberattacks, particularly phishing attacks, in recent times. These attacks often aim to deceive users into disclosing their private keys or seed phrases, leading to the loss of their digital assets.
Coincidentally, email marketing software firm MailerLite reported a cybersecurity incident on January 23, just one day before Trezor’s phishing attempt.
This incident resulted in phishing emails using branded domains, including those associated with Cointelegraph, WalletConnect, and Token Terminal. These phishing attacks collectively led to losses exceeding $3.3 million.
While it is unclear whether Trezor uses the same email domain provider as the affected companies, the timing of these incidents highlights the ongoing challenges posed by cyber threats in the cryptocurrency ecosystem.
User vigilance and security measures
Users must remain vigilant and proactively protect their assets as the cryptocurrency industry grows. It is essential to exercise caution when receiving unsolicited emails or messages, especially those requesting sensitive information like private keys or seed phrases.
Additionally, users should regularly update their security practices, enable two-factor authentication (2FA) whenever possible, and verify the authenticity of communications from cryptocurrency service providers.
It is advisable to visit official websites directly rather than clicking on links in emails to ensure the legitimacy of requests.