Trezor Users Beware: Third-Party Email Provider Compromised in Malicious Attack
Trezor has not verified whether any users suffered financial losses as a result of the phishing attempt.
Hardware wallet provider Trezor has acknowledged that its third-party email provider was compromised, leading to a series of malicious emails sent to users in the last 12 hours.
The deceptive emails, appearing to be from “[email protected],” prompt recipients to upgrade their “network” or risk losing their funds. The message includes a harmful link redirecting users to a webpage requesting their seed phrase.
Trezor Issues Warning on Malicious Emails
In its latest update on X, Trezor revealed that it promptly deactivated the malicious link and contained the potential threat. While the link itself is harmless as admitted by the company, user funds remain secure unless the recovery seed was entered.
Trezor advised affected users to swiftly transfer their funds to a new wallet for added security.
“The unauthorized email impersonating Trezor using our domain addressed subscribers to our newsletter. If you have not disclosed your 12 or 24-word recovery seed through any online form, your assets remain secure. If you have entered your recovery seed in any form, particularly one that was sent via email, it is crucial to transfer your funds to a new wallet immediately.”
Earlier this week, Trezor raised a security warning following the detection of a data breach on January 17, that resulted from unauthorized access to their third-party support ticketing portal.
Although the incident did not compromise any user funds, approximately 66,000 users who engaged with Trezor Support since December 2021 might have had their names or usernames, along with email addresses, exposed to an unauthorized party.
Coordinated Phishing Scheme Exposed
This development follows a series of coordinated phishing attacks, where investors have reported receiving fraudulent emails purportedly originating from various platforms, including decentralized applications and the crypto wallet bridge provider WalletConnect.
The fraudulent emails also claimed association with the full stack on-chain data platform Token Terminal, the decentralized finance portfolio tracker De.Fi, and the crypto media outlet Cointelegraph.
Experts shared screenshots indicating that every email featured enticing offers of fraudulent airdrops designed to trick users into taking action. Despite having a common objective, the scammers provided various reasons to justify the claimed airdrops in the emails.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
MAGA memecoins rally as crypto traders bet on Trump’s return to the White House
Trump-themed memecoin MAGA has a $152 million market cap, rising 25% over the past seven days and 107% over the past month.The overall PolitiFi market cap is $986 million, a 5.2% change in the last 24 hours according to CoinGecko.
The Daily: Trump plans executive order to make crypto a 'national priority,' XRP market cap approaches $200 billion and more
U.S. President-elect Donald Trump plans to issue an executive order making crypto a “national policy priority” after his inauguration on Monday, Bloomberg reported, citing sources familiar with the matter.XRP derivatives activity is surging, with a sharp rise in call options as its price and futures open interest hovers around all-time highs.Ethereum developers aim to launch the Pectra mainnet upgrade in March, providing hard forks on its Sepolia and Holesky test networks go as planned in February.The foll
State bitcoin reserve plans proliferate
“It’s time for Texas to lead the way in establishing a strategic bitcoin reserve,” Texas senator Charles Schwertner wrote
SEC moves ahead with Ripple appeal in Gensler’s final days
Ripple’s CLO noted the SEC’s brief is nothing but “a rehash of already failed arguments”
Trending news
MoreCrypto prices
More
