Trezor, a leading hardware wallet provider, has reported a phishing attack in which attackers exploited the company's contact form to send fraudulent messages to users.
Incident Description
The company confirmed that scammers abused its contact form to send fake emails posing as legitimate support replies. The attackers did not compromise the email system; they triggered automated responses by contacting support on behalf of affected users.
Phishing Attack Statistics
Trezor emphasized the growing sophistication of threats in the cryptocurrency space. The FBI reported a 300% surge in phishing attacks targeting wallet users in 2023. Research indicates that 85% of crypto losses result from compromised seed phrases.
User Recommendations
The company is actively researching preventive measures, including the implementation of DMARC (Domain-based Message Authentication, Reporting & Conformance). Users are advised to ignore suspicious emails and verify communications directly with Trezor. Key recommendations include keeping backups offline, avoiding public Wi-Fi, and using strong passwords.
The Trezor incident highlights the need for vigilance in the crypto space, where security requires ongoing attention and improvement.
