Cryptocurrency hardware firm Trezor has recently issued a warning about an ongoing multi-channel phishing campaign aimed at deceiving customers into revealing access to their wallets. The attackers have been reaching out to victims through phone calls, SMS, and email, claiming there has been a security breach or suspicious activity on their Trezor accounts. Trezor clarified on Twitter that they have not detected any recent database breaches and emphasized that they would never contact users via calls or SMS.
Trezor offers hardware-based wallets for storing cryptocurrency, which is generally considered a more secure option compared to software-based wallets. However, if users unwittingly disclose their “recovery seed” to scammers, it could potentially grant them access to the funds stored in the wallets. The recovery seed, typically a 12- or 24-character password, allows users to restore their wallet on a different device in case of device loss, theft, or malfunction.
Several users took to Twitter to share screenshots of the phishing campaign messages they received. In one instance, a spoofed Trezor notification prompted users to upgrade their wallets due to a purported failure in completing the new Ethereum Merge. In another message, users were informed of a fictional security breach in Trezor Suite and advised to click on a link to “secure their assets,” leading them to a phishing page designed to mimic a legitimate Trezor site.
The phishing page falsely claimed that it was technically challenging to determine the extent of the data breach and urged users to assume that all their assets were at risk if they had recently used Trezor Suite. The message instructed affected users to follow a specific procedure to safeguard their assets, ultimately guiding them to enter their recovery seed after clicking on a “Start” button.
This is not the first instance of Trezor users being targeted in phishing campaigns. In April last year, a convincing phishing campaign was orchestrated against users whose contact details were obtained from a newsletter mailing list managed by MailChimp.
It is crucial for cryptocurrency users to remain vigilant and cautious when receiving unsolicited communications regarding their wallets or accounts. Trezor advises users to be wary of any requests for sensitive information and to verify the authenticity of messages before taking any action. By staying informed and adopting best practices for securing cryptocurrency assets, users can help protect themselves against potential phishing attacks and scams.