Hardware wallet users rattled by rise in phishing emails pointing to fake Tezor website
Fears pose as stark reminder to stay vigilant when clicking links on emails related to digital assets.
UPDATE: Oct. 27, 10:46 GMT
Hardware wallet service provider Trezor confirmed to CryptoSlate that it is aware of this phishing campaign.
“We are aware of this recent phishing campaign, and we are actively looking into it. We continuously report fake websites, contact domain registrars, and educate and warn our customers of known risks,” Trezor said in an Oct. 27 email to CryptoSlate.
The firm advised users to never enter their recovery seed directly into any website, mobile app or type it into a computer.
“The only safe way to work with the recovery seed is per the instructions shown on a connected Trezor hardware wallet,” Trezor added
Users, taking to social media platforms like Reddit and X (formerly Twitter), have reported receiving suspicious emails that direct them to a fake Trezor website, urging them to update their app.
For instance, ZachXBT identified user JHDN, who expressed concerns on X, suggesting a potential security breach at the hardware wallet service provider as a mail created solely for their Trezor account received the phishing mail.
In a similar vein, Reddit user Avid28193 also voiced apprehensions about a potential breach of Trezor’s customer database, saying:
“Someone apparently got a hold of Trezor’s customer database. I’ve been getting several emails and texts about a ‘firmware update’ for a month or so now.”
Trezor or Evri?
Evri is one of the largest parcel delivery firms in the UK and is used by top retail brands like eBay, Amazon, and others.
An X user, TheCrypticWolf, pointed out that the breach might not have originated from Trezor because it automatically deletes its customer information after 30 days.
ZachXBT advised the community to be careful of the phishing campaigns, saying he was unsure if the breach occurred at Evri or Trezor. He wrote:
“Be careful this person just received a phishing email to the email address associated with their Trezor purchase. This was a fresh email specifically created for the purchase, and it was purchased 6 months ago. Seems like a potential data breach for Trezor or Evri (the UK delivery company which shipped the Trezor).”
Evri has yet to respond to CryptoSlate’s request for comment as of press time.
Last year, more than 100,000 users of the hardware wallet service provider fell victim to a phishing email attack. Trezor attributed this breach to an insider compromising a newsletter database hosted on Mailchimp.
Updated with comment from Trezor.