Trezor, a well-known hardware wallet provider, has issued a warning for its users about a new phishing attack using deceptive messages. This article discusses the details of the warning and its potential implications.
About Trezor's Alert
On June 23, Trezor expressed concern on its account on platform X (formerly Twitter) regarding a new attack scheme. Malicious actors used Trezor's contact form to send fake messages impersonating official support replies.
Explanation of the Situation
The company confirmed that there was no breach of its internal email systems. The attackers submitted support requests using the email addresses of targeted users. This triggered Trezor’s automated system to send what appeared to be legitimate support replies, adding credibility to the phishing messages.
Recurring Incidents and Security Measures
Trezor also noted that this is not the first instance of such attacks. In January, a data breach was reported where attackers used a newsletter subscriber database to send malicious emails. In light of these incidents, Trezor urged users to stay vigilant and follow stringent security practices, reminding them to "never share their wallet backup—it must always remain private and offline."
Given the rising threat of phishing, Trezor users are strongly advised to exercise caution and protect their assets by adhering to proper security practices.
