Scammers Target Trezor Users With Phishing Scams Recently

phishing, fraud, hacking-6926470.jpg

Trezor, a hardware Crypto wallet provider, has alerted its users to a fresh phishing scam that aims to acquire their private keys to target their Crypto investments.

On February 28, Trezor announced on Twitter that there was an ongoing phishing scam that required customers to enter their Trezor wallet recovery phrase on a phony Trezor website in order to steal their money.

What happened?

Beginning on February 27, a number of Trezor users reported receiving shady emails and texts claiming that Trezor had had a data breach. The notice, which warned that user holdings were at risk of being stolen, instilled a feeling of dread. To protect themselves from the data breach, it subsequently pointed users to a page where they may modify their login information.

When users clicked on this link, they were directed to a page that resembled one of the Trezor website’s pages. Customers were encouraged to update their recovery phrases by the brief notice on this page, which served to emphasize the severity of the situation. Users were required to enter their wallet’s existing recovery phrase to create a new, secure recovery phrase.

Unfamiliar users can utilize a recovery phrase, which is a 12- or 24-word string of random phrases, to retrieve their Crypto holdings in the event that their wallet has been lost or stolen. Users would type their recovery phrase on the bogus page, driven by their dread of losing their possessions. They were actually entering this information into a scammer-controlled database.

Yet once scammers obtain a wallet’s recovery phrase, stealing the Crypto therein is simple work.

The announcement was announced immediately after customers received a phishing email as a result of a data breach at metaverse company The Sandbox on February 26.

Previous scams faced by Trezor

The most recent phishing scam targeting Trezor users is not the first of its sort. In April 2022, Trezor wallets were also the victim of phishing assaults. Attackers got in touch with Trezor users under the guise of the company and asked them to download phony Trezor software.

Enjoy reading? Share with your friends
Scroll to Top