Trezor comments on phishing emails sent to community

January 25, 2024 at 9:45 am

Edited by Dorian Batycka

News

Trezor comments on phishing emails sent to community

Hardware wallet provider Trezor has explained the malicious emails sent to its users.

In a post to X, Trezor explained that it had discovered an unauthorized email impersonating the Trezor team from a third-party email provider it uses.

The malicious email, sent from the address “[email protected],” asks users to upgrade their “network” or face the loss of their funds, providing them with a malicious link leading to a web page where they must enter their seed phrase.

https://twitter.com/Trezor/status/1750223673506558146

Trezor found that an unauthorized person had accessed the newsletter subscriber email address database and used a third-party email service to send a malicious email.

The project team has already managed to “deactivate the malicious link” and stated that the user’s funds will remain safe unless they enter their recovery seed.

The unauthorized email impersonating Trezor using our domain addressed subscribers to our newsletter.

If you have not disclosed your 12 or 24-word recovery seed through any online form, your assets remain secure.

If you have entered your recovery seed in any form, particularly…
— Trezor (@Trezor) January 24, 2024

It is noteworthy that attackers took advantage of a vulnerability in the MailerLite digital marketing platform just a few days before the incident. Posing as well-known cryptocurrency companies, unknown people were able to steal about $600,000. The scammers pretended to be representatives of CoinTelegraph, Token Terminal, Wallet Connect, and De.Fi in emails. The emails contained malicious links leading to sites created to steal crypto assets.