Cryptocurrency hardware wallet provider Trezor is investigating a recent phishing campaign, as users have reported receiving phishing emails.
The anonymous blockchain sleuth ZachXBT took to his Telegram channel on Oct. 26 to alert users to a phishing attack targeting Trezor customers.
ZachXBT referred to an X (formerly Twitter) post from the account JHDN, which alleged that Trezor may have been breached after receiving phishing emails on the email account used specifically for buying the wallet.
In a similar manner to some Trezor-related phishing attacks in the past, the phishing email invites users to download the “latest firmware update” to users’ Trezor devices in order to “fix an issue in software.” According to the poster, the malicious email was sent from the email amministrazione@sideagroup.com.
It looks like Trezor may have been breached? @Trezor @zachxbt #Trezor pic.twitter.com/4lmjZE1Quk
“Be careful this person just received a phishing email to the email address associated with their Trezor purchase,” ZachXBT wrote, adding that the social media report could point to a potential data breach for Trezor or Evri, the United Kingdom delivery company that ships Trezor devices.
ZachXBT mentioned that two other people on Reddit complained about the same Trezor phishing email today.
According to Trezor’s brand ambassador, Josef Tetek, the firm is aware of the ongoing phishing campaign and is actively looking into it.
“We continuously report fake websites, contact domain registrars, and educate and warn our customers of known risks,” Tetek said, referring to multiple articles aiming to help users deal with phishing attacks. One such article says that phishing emails often redirect to download a Trezor Suite lookalike app that
Read more on cointelegraph.com