Trezor, a renowned hardware wallet provider, has confirmed that a recent surge in malicious emails sent to its users over the past 24 hours was a result of unauthorized use of its third-party email provider.
On January 24th, Trezor detected an unauthorized email impersonating the company, originating from a third-party email service they employ.
The fraudulent email, appearing to be from “noreply@trezor.io,” directed users to upgrade their “network” or risk losing their funds.
It included a malicious link leading to a webpage where users were prompted to enter their seed phrase.
While there is no official confirmation of users losing funds to this phishing attempt, there have been no reports indicating any Trezor users falling victim to the scam.
Trezor took swift action to deactivate the malicious link and assured users that their funds remain secure as long as they refrain from entering their recovery seed.
For those who did enter their recovery seed, Trezor strongly recommends transferring their assets to a new wallet immediately.
Trezor’s investigation has revealed that an unauthorized individual gained access to their database of email addresses for newsletter subscribers and used a third-party email service to distribute the malicious emails.
READ MORE: Avalanche Foundation Sets Criteria for Memecoins Seeking Share of $100 Million Fund
As long as users have not disclosed their 12 or 24-word recovery seed through any online form, their assets remain safe.
Interestingly, a few days before this incident, MailerLite, an email marketing software firm, reported a cybersecurity breach on January 23rd, resulting in a series of phishing emails using branded domains, including those associated with Cointelegraph, WalletConnect, and Token Terminal.
These attacks collectively led to losses exceeding $3.3 million through phishing attacks. It remains unclear whether Trezor utilizes the same email domain provider as those affected.
Some suspect that this attack may be linked to a recent security breach involving Trezor’s support portal, where the contact information of nearly 66,000 users was exposed on January 17th.
Trezor promptly took measures to restrict unauthorized access and began notifying affected users.
Digital asset lawyer Joe Carlasare revealed his personal encounter with the phishing email, describing it as a “sophisticated scam.”
This incident is not the first time Trezor has faced phishing threats, as they previously cautioned users in February 2023 about a similar attack aimed at stealing investor funds by tricking them into entering their recovery phrase on a fake Trezor website.
Additionally, in May, cybersecurity firm Kaspersky reported a fake hardware wallet impersonating Trezor that attempted to steal funds by replacing the microcontroller, allowing the attackers to gain control of users’ private keys.
Discover the Crypto Intelligence Blockchain Council
