Trezor wallet customers are targeted with a massive phishing campaign themed on a fake data breach. Hackers here are persuading users to go through a security process, which is ultimately aimed at stealing their cryptocurrencies.
Trezor acknowledged this incident and asked users to stay aware of it. It confirmed that no evidence of data breach was found on it’s systems, while also not knowing how the threat actor is able to get his hands on their customer database.
Targeting Trezor Users for Cryptocurrencies
Trezor, a reliable hardware solution for storing your cryptocurrencies, is now being a theme for stealing your digital assets. Since earlier this week, Trezor customers have been targeted with phishing emails and SMS themed on a fake data breach at Trezor.
https://twitter.com/dubstard/status/1630634978110259214?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1630634978110259214%7Ctwgr%5Eef0a79a29c583d8c267f5c64ad7333a4eb93ab19%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Ftechdator.net%2Ftrezor-users-targeted-massive-phishing-campaign%2F
Citing this, the threat actors are persuading users to go through a security process – redirecting them to a phishing page crafted similarly to Trezor’s login site. Unsuspecting users entering their Trezor wallet credentials (12-word or 24-word seed phrase) may have their digital tokens stolen by the threat actors in no time.
It’s important that you identify fake websites by their URL and be cautious when entering sensitive details like login credentials or PII. Hackers having these details may impersonate you to steal money from your contacts or defame you openly.
Trezor is aware of this situation and asked users to be vigilant about such messages. Emails or SMS pertaining to the data breaches at Trezor are fake, as the company said it found no evidence of a hack on it’s systems, in recent times.
🚨 Beware of the active phishing scam!
The attackers contact the victims via phone call, SMS and/or email to say that there’s been a security breach or suspicious activity on their Trezor account.
➡️ Please ignore these messages as they are not from Trezor. ⬅️
More info in🧵👇 pic.twitter.com/nzfSzfwcZ1
— Trezor (@Trezor) February 28, 2023
Asking them to be cautious, Trezor asked it’s customers not to enter their credentials on suspicious pages. Also, they reminded the community that they would never contact customers through calls or SMS.
How threat actors got the customer contact data is unknown. But it was linked to MailChimp’s data breach in mid-last year, where over 100 customers were affected. The list mostly has finance and cryptocurrency companies, including Trezor.
Other Trending News:- News
