Unauthorized phishing attempt targets Trezor users

In this post:

  • Trezor detected phishing emails urging users to upgrade to protect funds but deactivated the link.
  • Unauthorized access to Trezor’s email database may not have resulted in user losses.
  • Cryptocurrency cyberattacks are rising, emphasizing the need for user caution and security measures.

Hardware wallet provider Trezor has reported an unauthorized phishing attempt aimed at its users. The attack involved malicious emails impersonating Trezor and urging users to upgrade their “network” or risk losing their funds. 

The company has deactivated the malicious link and advised affected users to transfer their funds to new wallets.

Phishing attempt detected

Trezor, a well-known provider of hardware wallets for cryptocurrency storage, has identified a phishing attempt targeting its users. The company confirmed that the attack was carried out through an unauthorized email sent from a third-party email provider used by Trezor. 

In the malicious email, users were instructed to upgrade their “network” to avoid losing their funds. A deceptive link in the email led users to a webpage where they were prompted to enter their seed phrase.

Trezor has not yet confirmed whether users have fallen victim to the phishing attempt. However, the company assured users that their funds remained secure if they had not entered their recovery seed. For those who did disclose their seed phrase, Trezor strongly recommends transferring their funds to a new wallet immediately.

Unauthorized access to email database

The investigation conducted by Trezor suggests that an unauthorized individual gained access to the company’s database of email addresses, which primarily consists of newsletter subscribers. 


This perpetrator then utilized a third-party email service to send out the malicious emails on behalf of Trezor.

This incident has raised concerns about the security of user data and the potential risks associated with third-party service providers. While Trezor has taken measures to address the situation, it highlights the importance of robust cybersecurity measures to protect user information and assets in cryptocurrency.

Some experts believe this phishing attempt may be connected to a recent security breach involving Trezor’s support portal. On January 17, the company disclosed that the contact information of approximately 66,000 users had been exposed. 

Trezor quickly took action to restrict unauthorized access and notified affected users at that time.

The connection between the security breach and the phishing attempt is speculative, but it underscores the vulnerability of user data in the cryptocurrency industry. Companies and users alike must remain vigilant in safeguarding sensitive information and assets.

Cybersecurity incidents on the rise

It is worth noting that this phishing attempt on Trezor users is not an isolated incident. The cryptocurrency industry has witnessed a surge in cyberattacks, particularly phishing attacks, in recent times. These attacks often aim to deceive users into disclosing their private keys or seed phrases, leading to the loss of their digital assets.

Coincidentally, email marketing software firm MailerLite reported a cybersecurity incident on January 23, just one day before Trezor’s phishing attempt. This incident resulted in phishing emails using branded domains, including those associated with Cointelegraph, WalletConnect, and Token Terminal. These phishing attacks collectively led to losses exceeding $3.3 million.

While it is unclear whether Trezor uses the same email domain provider as the affected companies, the timing of these incidents highlights the ongoing challenges posed by cyber threats in the cryptocurrency ecosystem.

User vigilance and security measures

Users must remain vigilant and proactively protect their assets as the cryptocurrency industry grows. It is essential to exercise caution when receiving unsolicited emails or messages, especially those requesting sensitive information like private keys or seed phrases.

Additionally, users should regularly update their security practices, enable two-factor authentication (2FA) whenever possible, and verify the authenticity of communications from cryptocurrency service providers. It is advisable to visit official websites directly rather than clicking on links in emails to ensure the legitimacy of requests.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Share link:

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

What exactly is headed Bitcoin's way this week?
Subscribe to CryptoPolitan