Trezor Warns Users of Phishing Scam via Contact Form

Trezor, a prominent manufacturer of hardware wallets for cryptocurrency, has issued a warning to its users regarding a phishing scam that exploited its contact form to send fraudulent emails. These emails were designed to mimic official support communications, aiming to deceive recipients into sharing their wallet backups, which are crucial for accessing user funds. The company confirmed that the issue has been contained and that no internal systems were compromised. The exploit was limited to the misuse of the contact form to send fake responses.

Trezor took to X, formerly known as Twitter, to alert users about the security issue. The company emphasized that the scam emails, while appearing legitimate, were part of a phishing attempt. Users were reminded never to share their wallet backups, as this information must remain private and offline. Trezor clarified that attackers had submitted fake support requests using email addresses obtained from an unknown source. Although the attackers could modify the subject lines, they did not gain access to any internal systems or data.

The company further explained that some users might have received automated responses from their system, which were used as the delivery method for the phishing attempt. Despite the incident, no user funds have been reported lost. Trezor urged users to exercise caution and verify any messages through official support channels to ensure their security.

This incident underscores the evolving nature of phishing tactics, which are increasingly targeting communication tools to gain user trust. Trezor is currently reviewing its internal processes to prevent similar abuses in the future. The company's prompt response and transparency in addressing the issue highlight its commitment to user security and the integrity of its services.

Phishing scams have become one of the most common attacks scammers use to target crypto wallet users. These attacks don’t break into the blockchain, which is still safe, but trick people into giving away their private information. Cybercriminals trick people into revealing private keys, recovery phrases, or downloading harmful software. In addition to Trezor, other crypto wallet providers have faced similar problems.

In 2020, Ledger had a major data leak that exposed customer email addresses. After that, many users were targeted with phishing scams. Trust Wallet, MetaMask, and others have also faced similar attacks, with scammers pretending to be support teams via email and social media. These incidents show that phishing and social engineering attacks are common in crypto. As the industry grows, more scammers are trying to exploit unsuspecting users.