Trezor warns users about phishing emails mimicking customer support

Trezor has issued a security alert warning users about a phishing campaign where attackers exploited its online support contact form to send scam emails that appear as legitimate Trezor customer support replies.

The attackers submitted support requests using the email addresses of targeted users, which triggered Trezor’s automated system to send auto-replies that looked like genuine support emails.

These phishing emails are designed to trick users into revealing sensitive information such as their wallet backups, which Trezor emphasizes should never be shared and must always remain private and offline.

The company confirmed there was no breach of its internal email systems, and the contact form remains safe and secure, but the attackers likely used previously leaked email addresses to launch the attack. Trezor has contained the issue and is investigating additional safeguards to prevent future abuse.

Trezor reminds users that it will never ask for wallet backups and urges vigilance against phishing attempts, which are common in the cryptocurrency industry.

The incident highlights evolving phishing tactics that even exploit legitimate communication channels to gain trust. No user funds have been reported lost so far, but Trezor advises users to verify any messages through official channels and maintain strict security practices.

It's me, @justmythoughts, an ordinary Hive user looking to make the most of the platform. I will appreciate your support. Follow me for more. Thanks, Gracias :)