Hardware wallet users rattled by rise in phishing emails pointing to fake Tezor website Hardware wallet users rattled by rise in phishing emails pointing to fake Tezor website
Fears pose as stark reminder to stay vigilant when clicking links on emails related to digital assets.
2 min read
Updated: Oct. 27, 2023 at 12:12 pm UTC
Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.
UPDATE: Oct. 27, 10:46 GMT
Hardware wallet service provider Trezor confirmed to CryptoSlate that it is aware of this phishing campaign.
“We are aware of this recent phishing campaign, and we are actively looking into it. We continuously report fake websites, contact domain registrars, and educate and warn our customers of known risks,” Trezor said in an Oct. 27 email to CryptoSlate.
The firm advised users to never enter their recovery seed directly into any website, mobile app or type it into a computer.
“The only safe way to work with the recovery seed is per the instructions shown on a connected Trezor hardware wallet,” Trezor added
Blockchain analyst ZachXBT has highlighted that several Trezor hardware wallet users are receiving phishing emails, raising concerns about potential data breaches at the hardware wallet company.
Users, taking to social media platforms like Reddit and X (formerly Twitter), have reported receiving suspicious emails that direct them to a fake Trezor website, urging them to update their app.
For instance, ZachXBT identified user JHDN, who expressed concerns on X, suggesting a potential security breach at the hardware wallet service provider as a mail created solely for their Trezor account received the phishing mail.
In a similar vein, Reddit user Avid28193 also voiced apprehensions about a potential breach of Trezor’s customer database, saying:
“Someone apparently got a hold of Trezor’s customer database. I’ve been getting several emails and texts about a ‘firmware update’ for a month or so now.”
Trezor or Evri?
Meanwhile, some community members have questioned whether the leak originated from Trezor or its UK distributor, Evri.
Evri is one of the largest parcel delivery firms in the UK and is used by top retail brands like eBay, Amazon, and others.
An X user, TheCrypticWolf, pointed out that the breach might not have originated from Trezor because it automatically deletes its customer information after 30 days.
ZachXBT advised the community to be careful of the phishing campaigns, saying he was unsure if the breach occurred at Evri or Trezor. He wrote:
“Be careful this person just received a phishing email to the email address associated with their Trezor purchase. This was a fresh email specifically created for the purchase, and it was purchased 6 months ago. Seems like a potential data breach for Trezor or Evri (the UK delivery company which shipped the Trezor).”
Evri has yet to respond to CryptoSlate’s request for comment as of press time.
Last year, more than 100,000 users of the hardware wallet service provider fell victim to a phishing email attack. Trezor attributed this breach to an insider compromising a newsletter database hosted on Mailchimp.
Updated with comment from Trezor.
Mentioned in this article
Author 
Oluwapelumi Adejumo
Oluwapelumi values Bitcoin's potential. He imparts insights on a range of topics like DeFi, hacks, mining and culture, underlining transformative power.
Editor Editor 
Liam 'Akiba' Wright
Also known as "Akiba," Liam is a reporter, editor and podcast producer at CryptoSlate. He believes that decentralized technology has the potential to make widespread positive change.
In this article
Trezor
Trezor is a hardware wallet manufacturer, a subsidiary of SatoshiLabs Group which was founded in 2013.
The TREZOR Model-T is a second-generation Bitcoin/Altcoin hardware wallet manufactured by SatoshiLabs.
Trezor is a secure way to keep your cryptocurrency safe from hackers and malware.