Cryptocurrency hardware firm Trezor has recently issued a warning about an ongoing phishing campaign targeting its customers. The scam involves attackers reaching out to victims through phone calls, SMS, and emails, claiming there has been a security breach or suspicious activity on their Trezor accounts. Trezor emphasized that they will never contact customers via calls or SMS, and they have not found any evidence of a recent database breach.
Trezor provides hardware-based wallets for users to store their cryptocurrency securely. However, if users fall for the phishing scam and disclose their recovery seed – a 12- or 24-character password used to restore wallets on different devices – scammers could gain access to their funds.
Reports of the phishing campaign surfaced on Twitter, with screenshots showing fraudulent messages urging users to upgrade their wallets or secure their assets due to alleged security breaches. Clicking on the provided links redirects victims to spoofed Trezor websites where they are prompted to enter their recovery seed.
The phishing campaign is not a new tactic, as Trezor users have been targeted in similar scams before. Last April, a convincing phishing campaign was launched after scammers obtained contact details from a newsletter mailing list hosted by MailChimp.
Trezor advises customers to remain vigilant and not disclose their recovery seed or personal information to anyone claiming to be from the company. It is crucial for users to verify the authenticity of any communication received from Trezor and report any suspicious activity immediately.
By staying informed and cautious, cryptocurrency users can protect their assets and avoid falling victim to phishing scams targeting reputable companies like Trezor.