Trezor has warned of a new wave of scams involving the misuse of their contact form to send fake emails aimed at stealing user data.
Description of the Scam
Scammers exploited Trezor's contact form to send fake emails that appeared to be official support responses. These emails aimed to trick users into revealing their wallet backups, potentially granting full access to their crypto assets.
Trezor's Response
Trezor issued an alert about the situation on platform X (formerly Twitter), stating the issue has been contained. The company confirmed that no internal systems were breached, and the exploit was limited to the abuse of the contact form for sending fake replies.
User Warnings
Trezor emphasized that these scam emails may look legitimate but are phishing attempts. 'NEVER share your wallet backup—it must always remain private and offline. Trezor will never ask for your wallet backup,' the company noted. No user funds have been reported lost so far.
The incident highlights the evolution of phishing tactics, now even targeting communication tools to gain trust. Trezor is reviewing its internal processes to prevent similar abuses in the future.
