Trezor Users Warned of 40% Rise in Phishing Attempts

Coin WorldMonday, Jun 23, 2025 7:22 am ET
2min read

Trezor, a leading hardware wallet provider, has alerted its users to a recent increase in phishing attempts. These fraudulent emails are crafted to appear as legitimate support communications from Trezor, with the goal of tricking users into revealing sensitive information or transferring funds to fraudulent addresses. The scammers are leveraging the trust users have in Trezor's security reputation, making these attacks particularly deceptive.

In an “Important Update,” Trezor confirmed that “attackers abused our contact form to send scam emails appearing as legitimate Trezor support replies.” These fraudulent emails are a direct attempt to trick users, despite their convincing appearance. The company has reiterated a crucial security rule for all users: “NEVER share your wallet backup — it must always stay private and offline. Trezor will never ask for your wallet backup.” This fundamental guideline is essential for protecting digital assets.

The phishing emails often use urgent language, urging users to take immediate action to prevent supposed account suspensions or security breaches. They may include links to fake websites that closely resemble the legitimate Trezor site, where users are asked to enter their seed phrases or private keys. Once obtained, these credentials can be used to access and drain the user's cryptocurrency holdings.

Trezor has emphasized the importance of verifying the authenticity of any communication claiming to be from their support team. Users are advised to check the email address for any discrepancies and to avoid clicking on links or downloading attachments from unknown sources. Additionally, Trezor recommends enabling two-factor authentication (2FA) for an extra layer of security and to regularly update their firmware to protect against known vulnerabilities.

The company has confirmed that “The issue has been contained,” indicating that the vulnerability in their contact form has been resolved. Nevertheless, Trezor stressed the ongoing need for caution: “Security is a continuous process. Stay vigilant.” This incident highlights the pervasive threat of phishing and social engineering in the crypto ecosystem. Trezor users and the broader cryptocurrency community are advised to remain highly cautious of any suspicious communications and to always prioritize the security of their private keys and recovery phrases.

The rise in phishing attempts targeting cryptocurrency users underscores the need for heightened vigilance in the

space. As the value of cryptocurrencies continues to attract more investors, so too does it draw the attention of cybercriminals seeking to exploit unsuspecting victims. Trezor's warning serves as a reminder that while hardware wallets offer robust security features, users must remain cautious and proactive in safeguarding their digital assets.

In response to the increasing threat of phishing attacks, Trezor has also encouraged users to report any suspicious emails to their support team. This collaborative approach helps the company identify and mitigate new phishing tactics, ultimately enhancing the security of the broader Trezor user community. By staying informed and vigilant, users can better protect themselves against these evolving threats and ensure the safety of their cryptocurrency investments.