On October 26, an anonymous blockchain investigator known as ZachXBT alerted users to a phishing attack targeting Trezor customers via a Telegram channel. The alert pointed to a tweet by the account JHDN, which suggested that Trezor might have experienced a security breach following phishing emails sent to an email account used for wallet purchases.

Phishing Email Details

The phishing email closely resembled previous Trezor-related attacks. It lured recipients to download the “latest firmware update” for their Trezor devices under the pretense of fixing a software issue. According to the report, the deceptive email originated from the address amministrazione@sideagroup.com.

It looks like Trezor may have been breached? @Trezor @zachxbt #Trezor pic.twitter.com/4lmjZE1Quk

— j (@JHDN) October 26, 2023

ZachXBT underscored the severity of the situation, warning that multiple individuals, including those on Reddit, had encountered the same Trezor phishing email. This situation raises concerns about the security of Trezor or its delivery partner, Evri, a UK-based company that ships Trezor devices.

Response from Trezor

Josef Tetek, the brand ambassador for Trezor, acknowledged the ongoing phishing campaign and stated that the company is actively addressing the issue. Trezor has a history of reporting fake websites, engaging with domain registrars, and educating its customers about potential risks, including phishing attacks.

Tetek explained the modus operandi of phishing attacks, which typically redirect users to download a fraudulent Trezor Suite app. This fake app requests users to connect their wallets and enter their recovery seed. Once the seed is compromised and entered into the app, the attacker gains access to the user’s funds, which are then transferred to the attacker’s wallet.

Despite extensive efforts to combat phishing scams, cryptocurrency investors continue to fall victim to such attacks. In September, a major crypto investor suffered significant losses in a phishing campaign, highlighting the ongoing threat. Reports indicate that cryptocurrency phishing attacks increased by 40% in 2022, underscoring the need for heightened vigilance in the crypto community.