Crypto wallet manufacturer Trezor has warned of a large-scale phishing campaign targeting users.
Crypto hardware wallet manufacturer Trezor has warned users of a huge phishing campaign targeting victims via phone call, SMS, and email.
Trezor Users Are Being Targeted in a Phishing Campaign
On February 28, 2023, crypto wallet provider Trezor took to Twitter to warn users of a phishing campaign. The campaign began a day prior, with Trezor users receiving suspicious texts, emails, and phone calls.
Trezor is a popular hardware crypto wallet manufacturer. Its wallets, including the Model One and Model T, have become popular asset storage choices among crypto holders.
In the warning tweet posted by Trezor, it was stated that the attackers are contacting victims via phone call, SMS, or email to alert them of a faux security breach or suspicious activity on their Trezor account.
In the attack, users are told that Trezor itself has suffered a data breach, and are provided a link to a webpage they should visit to secure their account. Here, the user will be asked to provide their recovery seed phrase, which the attacker will then use to access their wallet.
The goal of this dangerous phishing campaign is to access assets stored on the targeted Trezor crypto wallets. Trezor has asked users to ignore these malicious communications.
No Data Breach Seems to Have Resulted from This Attack
In a comment under the aforementioned tweet, Trezor stated that it has “not found any evidence of a recent database breach” as a result of this phishing campaign. The company also reminded users that it will never try to contact them via phone calls or SMS.
Phishing Attacks Are Commonplace in the Crypto Industry
Within the crypto realm, phishing is often used as an attack vector to steal precious credentials, such as private keys and login information. This data can give cybercriminals access to your crypto funds.
Cryptocurrency exchange Coinbase, for instance, has been the target of phishing campaigns in the past, including an email scam that went after account holder credentials.
Be Wary of your Crypto Communications
When you receive any kind of email, SMS, social media message, or phone call from a crypto platform you’re signed up to, approach it with caution. While crypto services can communicate with you via these channels, cybercriminals will also impersonate these trusted entities to get access to your data.
