Trezor's brand advocate, Josef Tetek, emphasised that the hardware wallet manufacturer never asks for its clients' recovery seed, PIN, or passphrase.

Trezor, a company that makes cryptocurrency hardware wallets, is investigating a new effort at phishing after users reported getting phishing emails.

On October 26, users were alerted by anonymous blockchain specialist ZachXBT to a phishing attempt targeting Trezor users on his Telegram channel.

ZachXBT referenced a tweet from the account JHDN on X (formerly Twitter), 

It suggested that the email address used to buy the wallet may have been the source of phishing emails that compromised Trezor.

Similar to multiple other phishing campaigns pertaining to Trezor devices, the phishing email urges users to download the “latest firmware update” for their devices in order to “fix a fault in software." Per the poster, the fraudulent email originated from amministrazione@sideagroup.com.

On Twitter, Reafd

Informed that "Be careful, this person just received a phishing email to the email address associated with their Trezor purchase." 

He said, "There could have been a data breach at Trezor, or at Evri, the UK-based delivery company that supplies Trezor devices," according to the social media source.

ZachXBT stated that two Reddit complaints today were about the same phishing email posing as Trezor.
Josef Tetek, a Trezor brand ambassador, asserts

In addition to informing and warning our clients about recognised risks, we notify domain registrars of fraudulent websites," Tetek said,

Citing several articles that help customers avoid falling for phishing schemes. Customers are regularly lured by phishing emails to download a software that resembles Trezor Suite and requests that they link their wallet and input their seed, according to one such post.

As soon as you enter the hacked seed into the application, your money is instantly transferred to the attacker's wallet

It says on the page. Tetek stressed that users' recovery seed, PIN, or passphrase are never requested by Trezor


Users should never enter their recovery seed directly into any website, mobile application, or computer," the statement continues. The sole
Cryptocurrency investors have experienced multiple phishing attacks in spite of multiple efforts to stop these fraudulent schemes.

 According to reports, a prominent bitcoin investor lost $24 million in assets in September as a result of falling for a common phishing schemeAccording to certain cybersecurity assessments, there will be 40% more bitcoin phishing attacks in 2022.

DISCLAIMER: We don't provide any investment advice.