Hardware Wallet Provider Trezor Addresses Malicious Emails
Trezor, a hardware wallet provider, has provided an explanation regarding the malicious emails that were sent to its users. According to Trezor, it discovered an unauthorized email impersonating its team, which was sent from a third-party email provider that it uses. The email, coming from the address “[email protected],” urges users to upgrade their “network” or risk losing their funds. It includes a link that leads to a fraudulent web page where users are asked to enter their seed phrase.
🚨 Security Alert 🚨
We’ve detected an unauthorized email impersonating Trezor sent from a third-party email provider we use.
If you received a suspicious email with the subject line ‘Assets undergoing upgrade’ from the ID: [email protected], please do not click any links or… pic.twitter.com/RqQnQkB4hX
— Trezor (@Trezor) January 24, 2024
Trezor has determined that an unauthorized individual gained access to the newsletter subscriber email address database and utilized a third-party email service to send out the malicious email. The team has successfully deactivated the malicious link and assured users that their funds will remain secure as long as they do not enter their recovery seed.
The unauthorized email impersonating Trezor using our domain addressed subscribers to our newsletter.
If you have not disclosed your 12 or 24-word recovery seed through any online form, your assets remain secure.
If you have entered your recovery seed in any form, particularly…
— Trezor (@Trezor) January 24, 2024
Attackers Exploit MailerLite Vulnerability
Interestingly, the attackers took advantage of a vulnerability in the MailerLite digital marketing platform just days before the incident. They posed as reputable cryptocurrency companies and managed to steal approximately $600,000. The scammers impersonated CoinTelegraph, Token Terminal, Wallet Connect, and De.Fi in their emails. These emails contained malicious links that directed recipients to websites designed to steal their crypto assets.
Hot Take: Protecting Your Crypto Assets from Phishing Attacks
Phishing attacks targeting cryptocurrency users have become increasingly common. To protect your crypto assets from such attacks:
- Exercise caution when receiving unsolicited emails asking for personal information or seed phrases.
- Verify the legitimacy of the sender’s email address and double-check any suspicious links provided.
- Never enter your recovery seed or private keys on unfamiliar websites or platforms.
- Maintain up-to-date security measures on your devices, such as antivirus software and firewalls.
- Stay informed about the latest phishing techniques and security best practices.
By following these precautions, you can minimize the risk of falling victim to phishing attempts and safeguard your valuable crypto assets.
By
By
By
