Customers Experience Fresh Wave of Trezor Phishing Emails Following Recent Support Portal Breach

Trezor, the hardware wallet provider, has verified that the recent surge in malicious emails sent to users in the last 12 hours is a result of unauthorised usage of its third-party email provider.

“We’ve detected an unauthorised email impersonating Trezor sent from a third-party email provider we use,” the hardware wallet provider stated on Jan. 24.

https://twitter.com/Trezor/status/1750223673506558146

The fraudulent email, originating from “noreply@trezor.io,” directs users to upgrade their “network” or risk losing their funds. It includes a harmful link, leading to a webpage prompting users to enter their seed phrase.

Trezor has not confirmed any fund losses or received reports of users falling victim to the scam. Funds remain secure if users refrain from entering their recovery seed.

For those who did, Trezor advises an immediate transfer to a new wallet. The ongoing investigation indicates an unauthorised individual gained access to Trezor’s email database of newsletter subscribers, utilising a third-party email service to dispatch the deceitful messages.

Curiously, just a few days prior, MailerLite, an email marketing software company, acknowledged a cybersecurity incident on January 23. This event triggered a series of phishing emails using reputable domains, including those affiliated with Cointelegraph, WalletConnect, and Token Terminal. These phishing attacks have resulted in losses exceeding $3.3 million. 

However, it remains uncertain whether Trezor utilises the same email domain provider. Some speculate that the recent assault may be linked to a security breach of Trezor’s support portal on January 17, exposing the contact details of approximately 66,000 users.

“No other data were compromised. We immediately restricted access to all unauthorised actors and are now contacting all affected users,” Trezor stated at the time

Stay safe out there and no clicking random links!