Users report new Trezor phishing emails days after the breach on the support portal
Hardware wallet provider Trezor has confirmed that unauthorized use of its third-party email provider is behind the number of emails sent to users over the past 24 hours.
“We received an unauthorized email impersonating Trezor from a third-party email provider we use,” the hardware wallet vendor explained on January 24.
Security alert
We received an unauthorized email impersonating Trezor from a third-party email provider we use.
If you receive a suspicious email from the ID: noreply@trezor.io with the subject ‘assets under upgrade', please do not click any links or… pic.twitter.com/RqQnQkB4hX
— Trezor (@Trezor) January 24, 2024
The malicious email from “noreply@trezor.io” instructs users to upgrade their “network” or lose their money, which leads to a web page.
Trezor has not confirmed that any users lost money from the phishing attempt, and Cointelegraph has never seen any X posts suggesting that Trezor users were victims of the scam.
However, Trezor has confirmed that it was able to “deactivate the malicious link and user funds will remain safe if the user does not enter their recovery seed.” For those who have done so, Trezor urges users to transfer their funds to a new wallet immediately.
Trezor said the investigation indicated that an unauthorized person entered the database of email addresses for newsletter subscribers and used a third-party email service to send malicious emails.
An unauthorized email impersonating Treasure using our domain forwarded subscribers to our newsletter.
A 12 or 24-word recovery If you don't disclose your race in any online form, your assets will remain safe.
If you enter your recovery seed in any form, specifically…
— Trezor (@Trezor) January 24, 2024
Interestingly, just days ago, email marketing software company MailerLite confirmed a cybersecurity breach on January 23, which led to phishing emails using branded domains, including those owned by Cointelegraph, WalletConnect, and Token Terminal. The attacks resulted in over $3.3 million in losses from phishing attacks. However, it is not clear whether Trezor uses the same email domain provider.
Others believe the attack is related to the recent security breach of Trezor's support portal on January 17, which exposed the contact information of nearly 66,000 users.
“No other data was compromised. We immediately restricted access to all unauthorized actors and are now contacting all affected users,” Trezor said at the time.
Digital property attorney Joe Carlassare said he received the phishing email on Jan. 24 at XPost, which he described as a “sophisticated scam.”
Related: Trezor Releases New Hardware Wallet and Metal Private Key Backup
In the year In February 2023, Trezor warned of a phishing attack designed to steal investor funds by tricking users into entering a wallet recovery phrase on a fake Trezor website.
A few months later, in May, cybersecurity firm Kaspersky noticed that a fake hardware wallet impersonating Trezor had arrived on the market. The fraudsters will try to steal their money through the replaced microcontroller, which allows them to control the user's private key, the security firm said.
Magazine: Which gaming association has positioned itself best for the bull market?