Trezor Warns Users of Phishing Campaign Mimicking Support Emails

Trezor, a leading manufacturer of hardware wallets for cryptocurrency, has alerted its users to a phishing campaign that mimics the company’s official customer support replies. The company issued a warning on Monday, highlighting that attackers have exploited their contact form to send fraudulent emails that appear to be legitimate support communications. These emails are designed to trick users into sharing sensitive information, such as wallet backups, which should always be kept private and offline.

Trezor emphasized that it will never ask for a user's wallet backup, confirming that the emails in question, while appearing legitimate, are fraudulent. The company clarified that the issue has been contained and that no email breach occurred. Instead, attackers submitted requests to the firm’s support system on behalf of affected users, triggering automated replies. Trezor assured users that its contact form remains safe and secure.

Phishing attacks are a common threat in the cryptocurrency industry, often targeting high-net-worth individuals and resulting in substantial losses. These attacks can take various forms, including spearphishing, where attackers use personalized messages to deceive their targets. In late May, a single victim was scammed twice within three hours, losing a total of $2.6 million in stablecoins. Such incidents underscore the need for heightened vigilance and robust security measures.

In addition to Trezor, other platforms in the cryptocurrency ecosystem have also faced phishing attacks. Recently, the crypto price tracking service CoinMarketCap removed a malicious pop-up notification from its website, which prompted users to verify their cryptocurrency wallets. A similar attack was conducted on Cointelegraph, where a brief compromise of its banner publishing system resulted in a malicious advertisement promoting a fake token airdrop. These incidents highlight the pervasive nature of phishing threats and the importance of continuous monitoring and security enhancements.

Trezor’s warning serves as a critical reminder of the importance of cybersecurity in the digital age. As the use of cryptocurrencies continues to grow, so does the need for robust security measures to protect users from fraud and theft. By staying informed and taking proactive steps to secure their digital assets, users can help mitigate the risks associated with cryptocurrency ownership. Trezor’s timely warnings and user education efforts are essential in safeguarding the cryptocurrency community against evolving threats.