Search Inside Bitcoins

Trezor Launches Investigation Over Phishing Attacks On Its Users

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

Hardware Wallet Maker Trezor Calls Its Data Breach Claims A Hoax
Hardware Wallet Maker Trezor Calls Its Data Breach Claims A Hoax

Join Our Telegram channel to stay up to date on breaking news coverage

Cryptocurrency hardware wallet provider Trezor says it is investigating a recent phishing campaign that targeted its users through their registered email addresses. The firm started the investigation after receiving several alerts from Trezor users on Twitter.

According to the alarms, unauthorized actors contacted several Trezor users posing as the company. The goal of these scammers is to mislead gullible investors and steal their crypto funds.

The Threat Actors Cloned Trezor’s Website

Some of the Trezor users received an email asking them to download applications from the “trezor.us” domain, which is a fake domain that clones the official Trezor domain name, ‘trezor.io.’

Initially, Trezor thought the affected email addresses belong to a list of users that subscribed for newsletters, hosted on Mailchimp, and American marketing service providers.

The security incident started when users of the Trezor hardware wallet started receiving bogus security incident emails that claim to be a data breach notification. The fake email alert informed users that Trezor experienced a security breach that affected 106,856 of its customers. The fake email also told the user that the wallet associated with their email address has been compromised as well.

Users Are Deceived Into Downloading Updates

The bogus data breach notification also noted that the company doesn’t know the extent of the breach. It further asked users to set up a new PIN on their hardware wallet by downloading the latest update.

However, when the user clicks on the downloaded link, it takes them to the fake website where the threat actors can carry out further damage to the user’s system.

The domain name of the first website uses Punycode characters, allowing the threat actors to impersonate the main Trezor domain using Cyrillic or accented characters.

Your capital is at risk.

Read more:

Join Our Telegram channel to stay up to date on breaking news coverage

Read next