Author

Topic: [WARNING] New pishing attack/mails towards Trezor customers (Read 182 times)

legendary
Activity: 2212
Merit: 7064
Scammers are targeting Trezor now, but I am sure ledger is next as they started shipping legder stax devices recently.
I received the same email multiple times in one of my old temp email address I used for testing.
They used fake phishing website and they asked users to perform unstaking process:

SCAM
Code:
https: //app.unstaking-trezor.com/



legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
Looks like a scammer sending phishing emails to leak email addresses, right?
~snip~


There are millions of email addresses that have been leaked from somewhere, and many of them are related to cryptocurrencies. Only in the case of Ledger, about 1 million e-mails were leaked, but scammers use all possible publicly available databases, and it is not surprising that such e-mails are also received by those who have nothing to do with cryptocurrencies.

I myself receive such e-mails, whether they concern Trezor, MetaMask or some other wallet that I have never bought/used.
hero member
Activity: 630
Merit: 510
That email is linked to other phishing attacks, not Trezor customers. These are some complaints from blockfi
SCAM ALERT: Beware of "[email protected]"

It has been more than two months and this email has not been closed report also https://www.spam.org/complaint?uid=C-EVERBRIDGE-NET-KC2X9EUFFL
legendary
Activity: 994
Merit: 1089
That's a poorly written phishing e-mail but I am sure it will trick enough users to make it worth the effort for those scumbags who continue to come up with those schemes.
Yeah, poorly written, but like you said it is still enough to deceive whoever becomes their victim. I believe only newbies will fall for this, because after clicking on that link, it would require the person to input their seed phrase, so if the email manages to deceive someone and they click on the link, the next step of inputing your seed phrase should be very suspicious, except if it is a newbie with no prior experience of such situations.
legendary
Activity: 2968
Merit: 3406
Crypto Swap Exchange
i just checked my mailbox and found out that I also received the pishing mail - it comes from [email protected]
I just finished checking the email I used for their forum and didn't receive it [hopefully, it's different from one of the previous ones that scammers sent in batches].
- Based on the reported cases on their subreddit and tweets on X, roughly 10 users have reported receiving that email so far...

Not sure what I'm about to say would be useful, but perhaps affected users should report it to its registrar:
Code:
Registrar Abuse Contact Email: [email protected]

legendary
Activity: 2730
Merit: 7065
That's a poorly written phishing e-mail but I am sure it will trick enough users to make it worth the effort for those scumbags who continue to come up with those schemes. I just checked my unique Trezor e-mail that I created as an experiment to see if hardware wallet companies will leak my data, and I didn't get that e-mail you did. There was something similar, but it was an official e-mail about Trezor introducing an Ethereum staking option.   
copper member
Activity: 2198
Merit: 1837
🌀 Cosmic Casino
Looks like a scammer sending phishing emails to leak email addresses, right? I have never used Trezor, but I don't think they require an email address for one to use/access their device.
Sadly, some newbies can easily fall for this phishing attacks. It would also be much better to know the domain name the fake email redirects to so that it can be reported and taken down. Thanks for the alert.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
~snip~
anyone who has received this mail should delete it immediately and under no circumstances click on any links (which are given in the mail)!!!


Before deleting it (if there is no automatic emptying of the spam folder), I would report such an e-mail as spam, because that way we can help others to not receive such an e-mail in the inbox at all. I agree that we should not click on links in such e-mails, but in most cases, even if someone does, nothing bad will happen, because most of such phishing attempts are reduced to trying to convince the users that they should enter seed words where they should not do that at all.
legendary
Activity: 3304
Merit: 8633
icarus-cards.eu
i just came across the following tweet...


https://x.com/freddienew/status/1796797954662998204

there the x-user @freddienew reports about current pishing mails that allegedly come from Trezor
i just checked my mailbox and found out that I also received the pishing mail - it comes from [email protected]

anyone who has received this mail should delete it immediately and under no circumstances click on any links (which are given in the mail)!!!
Jump to: