Hardware wallet provider Trezor confirmed that an unauthorized third party gained access to its email distribution list and used it to send phishing emails to Trezor users over the past 12 hours.
“We’ve detected an unauthorized email impersonating Trezor sent from a third-party email provider we use,” Trezor explained. The phishing email from “noreply@trezor.io” misled users into upgrading their “network” or risking losing funds. It provided a malicious link, leading users to enter their seed phrase.
Trezor deactivated the link and assured users their funds would remain protected unless they entered their recovery seed. Those who did are urged to transfer their holdings to a new one immediately.
The company’s investigation points to an unauthorized person accessing its newsletter subscriber database. The bad actor used Trezor’s third-party email service to distribute the scam email.
Some speculate this attack relates to a recent security breach exposing contact information for nearly 66,000 Trezor users on January 17th. “No other data were compromised. We immediately restricted access to all unauthorized actors and are now contacting all affected users,” the company stated.
Also Read: Crypto Firm Targeted in Phishing Scam
