fbpx

Trezor Issues Warning as Users fall victim to Newsletter Phishing Attacks

The cryptocurrency hardware wallet company, Trezor, has confirmed reports that some users were targeted by a phishing attack this weekend.

Trezor

In a tweet on Sunday, a warning was issued by Trezor stating that the phishing campaign targeted Mailchimp’s newsletter database and that their service had been compromised. Trezor confirmed that a phishing campaign targeting Trezor wallet owners via their registered email accounts was reported by a number of users. Unauthorized actors acting as the company in the continuing campaign have approached several Trezor users with the intention of stealing money by tricking unsuspecting investors.

Users received an email about downloading an app from the “trezor.us” domain and informed users to avoid opening emails from “[email protected]”. This is different from the official Trezor domain “trezor.io”. The phishing email (copy found below) appears to direct users to download a Trezor Suite lookalike app, that will prompt you to connect your Trezor wallet and enter your seed phrase. Your seed phrase is then compromised once entered and funds transferred to the attacker’s own wallet.

Trezor Phishing Email

Copy of phishing email | Image Credit: trezor.io

Trezor has since announced that it had taken down the domains used in the phishing emails to prevent any more attacks and that as of the moment the company won’t be communicating with its customers via email until fully resolved. But this is by far not the first attack amongst crypto companies, as last March, BlockFi confirmed a data breach had occurred under Hubspot which gave unauthorized third-party access to certain client data. As well recently, the BAYC confirmed that their Discord servers were compromised and that hackers even managed to steal a valuable Mutante Ape Yacht Club NFT. As well, it is noted that Decentraland had fallen victim as well to the same phishing attack as user’s email addresses were acquired due to a MailChimp data breach.

To read the full details on the phishing attack and how to handle it yourself if you have fallen victime to it, you may read Trezor’s full blog post here.

 

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 985 other subscribers
Avatar for Val Jose Mendoza

Hi! I'm VJ Mendoza! Although I just finished my Bachelor's in Nursing, I've always loved tech and to just to get an idea of me, some things I like are anime, video games, sports such as basketball, volleyball and fencing.

Leave a Reply
JOIN OUR TELEGRAM DISCUSSION

Your email address will not be published. Required fields are marked *