A phishing campaign targeting Trezor wallet users has emerged, attempting to steal their cryptocurrency wallets and assets. Threat actors have sent SMS and email phishing messages to Trezor customers claiming that the company had suffered a data breach.
The phishing messages ask the targets to visit a specified website to secure their wallet, which then prompts them to enter their recovery seed, allowing the threat actors to steal it.
Trezor is a hardware cryptocurrency wallet that allows users to store their cryptocurrency offline for added protection from malware and compromised devices.
However, anyone who gains access to the recovery seed can also restore the wallet on their own devices, making users juicy targets for threat actors. The phishing campaign began on February 27th, and Trezor has warned users to ignore messages that claim there has been a security breach or suspicious activity on their account.
Trezor has also stated that it has not found any evidence of a recent data breach in its systems. Users are advised to never share their wallet’s recovery passwords, seeds, or phrases with anyone else or enter them on any sites.
It is unclear how the threat actors are targeting Trezor customers’ phone numbers and email addresses, but it could be through a marketing list stolen in a MailChimp breach in March 2022.
