Trezor Customers Targeted with Phishing Scam

The owners of Trezor, a popular manufacturer of cryptocurrency hardware wallets, have been targeted with fake data breach emails, according to a tweet posted by the Prague-based company.

The incident was linked to the popular email marketing service platform Mailchimp, which has been compromised by an insider in order to send malicious links to cryptocurrency firms.

Those users who have subscribed to one of the newsletters powered by Mailchimp received a slew of fake notifications. Fraudsters, who were impersonating the Trezor team, warned that the cryptocurrency holdings of their potential victims could be stolen due to a massive security breach.

The bad actors behind the scam attempted to lure the recipients of the aforementioned emails into downloading a fake version of Trezor Suite software from a fraudulent domain that look like the real deal and trap them into entering their seed phrase.     

The bogus domain name featured Punycode characters, which made it possible for the hackers to add a veneer of legitimacy to the fake app.

According to Bleeping Computer, the scammers created a fraudulent version of Trezor Suite that is almost indistinguishable from the real one on the surface. To make potential victims drop their guard, the app even included a legitimate-looking warning, which urged users not to enter their recovery seed in the wake of the recent phishing attacks (unless the physical device instructs them to do so).     

The recovery seed is the most crucial element of any wallet. It is a list of words that allow easily regaining access to one’s cryptocurrency holdings. The rule of thumb is to never enter your seed phrase on any site. Nevertheless, there have been countless victims who have been careless and clueless enough to disclose their seed phrases.