The new active phishing attack tries to steal Trezor users’ crypto by tricking investors into entering their recovery phrase on a fake Trezor site.
Hardware cryptocurrency wallet provider Trezor has warned its users about a new phishing attack targeting their crypto investments by trying to steal their private keys.
Trezor took to Twitter on Feb. 28 to caution users about an active phishing attack designed to steal investors’ money by making them enter the wallet’s recovery phrase on a fake Trezor website.
The phishing campaign involves attackers posing as Trezor and contacting victims via phone calls, texts or emails claiming that there has been a security breach or suspicious activity on their Trezor account.
“Trezor Suite has recently endured a security breach, assume all your assets are vulnerable,” the fake message reads, inviting users to follow a phishing link to “secure” their Trezor device.
“Please ignore these messages as they are not from Trezor,” Trezor declared on Twitter, emphasizing that the firm will never contact its customers via calls or SMS. The firm added that Trezor had not found any evidence of a database breach.
According to online reports, the latest phishing attack against Trezor customers was launched on Feb. 27, with users being directed to a domain asking to enter their recovery seed. The domain provides a perfectly-made fake Trezor website that prompts users to start securing their wallets by clicking the “Start” button.
After clicking the “Start” button, users will be asked to provide the recovery phrase for their cryptocurrency wallet.
The wallet’s recovery phrase, or private keys, is the most important part of self-custody by keeping your crypto on a software or hardware noncustodial wallet. The safety of the recovery phrase is more important than keeping the hardware wallet safe. Once the private keys are stolen, it means that crypto holdings no longer belong to their original owner.
The news came shortly after metaverse firm The Sandbox suffered a data breach on Feb. 26, resulting in a phishing email sent to users.
The latest phishing attack against Trezor customers is not the first scam of such kind. Trezor wallets were also targeted with phishing attacks in April 2022, with attackers contacting Trezor users posing as the company, asking them to download a fake Trezor app.
Such attacks are not exclusive to Trezor, though. In 2020, rival hardware wallet firm Ledger suffered a massive data breach, with attackers publicly exposing the personal information of more than 270,000 Ledger customers.
Please Read Essential Disclaimer Information Here.
© 2022-2023 Crypto Caster provides information. CryptoCaster.world does not provide investment advice. Do your research before taking a market position on the purchase of cryptocurrency and other asset classes. Past performance of any asset is not indicative of future results. All rights reserved.
Contribute to CryptoCaster℠ Via Wallet Coin/Token Addresses Below.
BTC – bc1qgdnd752esyl4jv6nhz3ypuzwa6wav9wuzaeg9g
ETH – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
MATIC – 0x7D8D76E60bFF59c5295Aa1b39D651f6735D6413D
LITECOIN – ltc1qxsgp5fykl0007hnwgl93zr9vngwd2jxwlddvqt