Hardware Wallet Trezor Alerts Users on an Ongoing Phishing Attack
Table of contents
Trezor Users Targeted with Phishing Scam
Earlier on Sunday, several users warned about an ongoing email phishing campaign targeting Trezor users via their registered email addresses.
Confirming the news in a tweet, Trezor said it was investigating "a potential data breach of an opt-in newsletter hosted on MailChimp" and warned users to avoid opening emails from "noreply@trezor.us".
By fraudulently posing as Trezor, the scammers asked users to download an app from the ‘Trezor.us’ domain, which is different from the official domain name, ‘Trezor.io’. The phishing attack was an attempt to lure users to download the malicious code under the guise of Trezor's Suite desktop app by alleging a fake security breach at the company.
After further investigation, Trezor announced that MailChimp confirmed that their service had been compromised. The hardware wallet company further went ahead to warn its users not to click any links from unofficial sources.
"We will not be communicating by newsletter until the situation is resolved. Do not open any emails appearing to come from Trezor until further notice. Please ensure you are using anonymous email addresses for bitcoin-related activity," the firm added.