Pages:
Author

Topic: [Warning] Trezor users are receiving fake emails with phishing links. (Read 400 times)

hero member
Activity: 1876
Merit: 721
Top Crypto Casino
There are those in the crypto world who see many such scammers' tactics, as a result of which crypto users have to be careful enough to stay safe from these scams. The websites we share our personal information with and expect to keep our information safe, but it turns out to be a misconception because they never provide proper security to our personal information, thereby leaving our personal information in the hands of scammers. So scammers use that information to create new strategies every time to scam.
exactly and while they may be trying to be true to their words their third party may just don`t bother who they sell such data to or fall into hack. It is actually hard to be free from all these data breach but that won`t stop one for not being extra cautious at least it limits risk especially to phishing scam, if you are privacy and security cautious and constantly updated about them

Companies like Trezor who always talk about security, safety, when users' data is stolen from them, everyone blames them. Why should we accept the story that their data has been leaked from a third party? Because even companies like Trezor do not have their customers' personal information safe. Why didn't they think about the security of their customers, they should have given maximum security to their customers' personal information.

So here's Trezor's oversight, crypto users should think twice about sharing their personal information. So after seeing this news, it is understood that no one thinks about the security of their customers' personal information, when they are hacked, those companies write a sorry announcement and post it on social media.
sr. member
Activity: 952
Merit: 275
Ledger was also a target some months ago, even Metamask too, this isn't something new in crypto space and it's because of the stupidity of people that's why they fall for this scams, my hardware wallet company can't message me using email in taking any actions, our deal was done since the day I purchased the hardware wallet, it's fully open source and non-custodial so it's a forever goodbye to any customer services after buying the hardware wallet.

Even if the email is coming from the official hardware wallet company you should not click on any link or give up your recovery seed, because they might be targeted and got their email account compromised, millions will probably lose their asset if this happen but it can never be me.

Stop reacting to everything you come across online, even a co worker in a company can decide to go bad and steal from customers, in the case of hardware wallets, you must not share anything with the customers services too, understand what you are paying money for, don't just buy and use like an idiot.
sr. member
Activity: 700
Merit: 470
Hope Jeremiah 17vs7
There are those in the crypto world who see many such scammers' tactics, as a result of which crypto users have to be careful enough to stay safe from these scams. The websites we share our personal information with and expect to keep our information safe, but it turns out to be a misconception because they never provide proper security to our personal information, thereby leaving our personal information in the hands of scammers. So scammers use that information to create new strategies every time to scam.
exactly and while they may be trying to be true to their words their third party may just don`t bother who they sell such data to or fall into hack. It is actually hard to be free from all these data breach but that won`t stop one for not being extra cautious at least it limits risk especially to phishing scam, if you are privacy and security cautious and constantly updated about them
hero member
Activity: 1876
Merit: 721
Top Crypto Casino
First, it was ledger and now Trezor users are facing such attacks. I hope nobody falls for these phishing mails.
Atleast, we haven't heard people losing money due to these phishing mails yet, which is a good sign.
I guess people are becoming more aware of these attacks now and are avoiding such phishing mails.
People should learn more about security so that they don't lose money to such scams.
~~~
That is quite obvious because once users get to know the scammers tricks then they don't fall for their traps easily.
Scammers then try a different approach to target the victims and this cycle keeps going on.
There are those in the crypto world who see many such scammers' tactics, as a result of which crypto users have to be careful enough to stay safe from these scams. The websites we share our personal information with and expect to keep our information safe, but it turns out to be a misconception because they never provide proper security to our personal information, thereby leaving our personal information in the hands of scammers. So scammers use that information to create new strategies every time to scam.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
First, it was ledger and now Trezor users are facing such attacks. I hope nobody falls for these phishing mails.
Atleast, we haven't heard people losing money due to these phishing mails yet, which is a good sign.
I guess people are becoming more aware of these attacks now and are avoiding such phishing mails.
People should learn more about security so that they don't lose money to such scams.
The database of emails used by users to contact support was hacked. The team claims that this database was stored on another server that was not properly protected. In any case, this is a threat to users and developers must take into account all the nuances. Now there are a lot of references to phishing attacks, and other schemes used by scammers, and therefore users are more careful about such mailings or other distributions, that require them to take action or follow some suspicious links.

That's a very lame excuse from Trezor. They being a very well reputed hardware wallet company developing secured hardware wallets should not take it lightly.
They should be keeping all of their servers secured correctly. That's their only job to do.

First, it was ledger and now Trezor users are facing such attacks. I hope nobody falls for these phishing mails.
Atleast, we haven't heard people losing money due to these phishing mails yet, which is a good sign.
I guess people are becoming more aware of these attacks now and are avoiding such phishing mails.
People should learn more about security so that they don't lose money to such scams.
No victims have yet reported being scammed by this phishing attack. But we cannot say for sure that no one has fallen into this trap of scammers, because many times it is seen that victims of scams remain silent for unknown reasons. Scammers are now creating fake phishing websites for almost every popular wallet name, and using stolen databases of crypto users to promote those fake websites.

If this continues, maybe in the coming days scammers will create something more advanced targeting crypto users that will be even more effective than it is now. So to make their every move fail, more publicity is needed to make crypto users more alert.

That is quite obvious because once users get to know the scammers tricks then they don't fall for their traps easily.
Scammers then try a different approach to target the victims and this cycle keeps going on.
hero member
Activity: 1876
Merit: 721
Top Crypto Casino
First, it was ledger and now Trezor users are facing such attacks. I hope nobody falls for these phishing mails.
Atleast, we haven't heard people losing money due to these phishing mails yet, which is a good sign.
I guess people are becoming more aware of these attacks now and are avoiding such phishing mails.
People should learn more about security so that they don't lose money to such scams.
No victims have yet reported being scammed by this phishing attack. But we cannot say for sure that no one has fallen into this trap of scammers, because many times it is seen that victims of scams remain silent for unknown reasons. Scammers are now creating fake phishing websites for almost every popular wallet name, and using stolen databases of crypto users to promote those fake websites.

If this continues, maybe in the coming days scammers will create something more advanced targeting crypto users that will be even more effective than it is now. So to make their every move fail, more publicity is needed to make crypto users more alert.
hero member
Activity: 980
Merit: 947
First, it was ledger and now Trezor users are facing such attacks. I hope nobody falls for these phishing mails.
Atleast, we haven't heard people losing money due to these phishing mails yet, which is a good sign.
I guess people are becoming more aware of these attacks now and are avoiding such phishing mails.
People should learn more about security so that they don't lose money to such scams.
The database of emails used by users to contact support was hacked. The team claims that this database was stored on another server that was not properly protected. In any case, this is a threat to users and developers must take into account all the nuances. Now there are a lot of references to phishing attacks, and other schemes used by scammers, and therefore users are more careful about such mailings or other distributions, that require them to take action or follow some suspicious links.
legendary
Activity: 2968
Merit: 3406
Crypto Swap Exchange
If that's true, that's worrisome. Seriously, how can that happen? How can an unauthorized entity enter their database more than once in a row?
Because of the way they've replied on Twitter, I was also under the impression that their database was compromised, but based on "this blog post", it appears to be only the third-party service [few users on Reddit were pointing to Sendinblue (also known as Brevo)] that they were using for their newsletters.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
First, it was ledger and now Trezor users are facing such attacks. I hope nobody falls for these phishing mails.
Atleast, we haven't heard people losing money due to these phishing mails yet, which is a good sign.
I guess people are becoming more aware of these attacks now and are avoiding such phishing mails.
People should learn more about security so that they don't lose money to such scams.
sr. member
Activity: 658
Merit: 441
Trezor users are also receiving fake emails, Trezor has already tweeted about this and asked all users to stay safe. These activities of scammers have increased in recent times and they are trying to trap Trezor users. Trezor officials have not released any information on whether the scammers were successful in this attempt. So be safe, now if you get any wallet related email you should verify the official information before clicking on any link.

Source : https://twitter.com/Trezor/status/1750223673506558146

I'm not surprised by this news because there have been similar news of ledger, trust wallet, metamask phishing links flying around on the internet lately. The market is about to go bull and there's going to more entry of crypto users in the crypto space, so these scammers see this period an opportunity to step up their game.

So far, what I've been able to learn from this is that whenever you receive such a message, don't be in a haste to act. Always verify the authenticity of the news by visiting the various official media channels of Trezor or whatever wallet.
full member
Activity: 275
Merit: 109
The only way this can be helpful is that you will then know that any emails that continue to arrive at the old address, and present themselves as if they are from Trezor, are potential phishing scams.
What about those that receive such mail but do not actually have an account or wallet with/on Trezor, anyway these scammers throws spam link to various email addresses, so who ever falls victim gets scammed.
legendary
Activity: 2576
Merit: 1860
I don't understand what you mean by "Trezor officials have not released any information on whether the scammers were successful in this attempt" precisely tbh. You think Trezor know all the adresses of their customers and track all their transactions? Because it's the only way to know that AFAIK since the phishing emails don't ask victims to send funds to one(or several) address but they try to deceive them into handing over their funds. If true it would be concerning.

OP is probably referring to the attempt to steal money from Trezor users. So far, there seems to be no report of lost funds because of the breach. But who knows? You're right; Trezor does not have a way to know what happened to all of their users' funds. So it's misleading or even irresponsible of them assuring the public that no funds were lost due to the said unauthorized access.

But the mere fact that the criminal/s have already gotten into their database, took data like email and names and potentially addresses and contact details as well of tens of thousands of users, they're already successful. Another success is probably that many were actually made to believe that the email was legitimate and clicked on the link. There will be more of such spam and phishing attempts in the future. If nobody fell for it today, there might be in the near future.
hero member
Activity: 504
Merit: 1065
Crypto Swap Exchange
I don't understand what you mean by "Trezor officials have not released any information on whether the scammers were successful in this attempt" precisely tbh. You think Trezor know all the adresses of their customers and track all their transactions? Because it's the only way to know that AFAIK since the phishing emails don't ask victims to send funds to one(or several) address but they try to deceive them into handing over their funds. If true it would be concerning.

Good question. Maybe Trezor just hasn't had any feedback from rip-off customers yet?

Or maybe they deliberately passed on seeds with dusts to the phishers in order to track their wallets and potential new inputs from real victims?
legendary
Activity: 2604
Merit: 2353
I don't understand what you mean by "Trezor officials have not released any information on whether the scammers were successful in this attempt" precisely tbh. You think Trezor know all the adresses of their customers and track all their transactions? Because it's the only way to know that AFAIK since the phishing emails don't ask victims to send funds to one(or several) address but they try to deceive them into handing over their funds. If true it would be concerning.
hero member
Activity: 1876
Merit: 721
Top Crypto Casino
Trezor users are also receiving fake emails, Trezor has already tweeted about this and asked all users to stay safe. These activities of scammers have increased in recent times and they are trying to trap Trezor users. Trezor officials have not released any information on whether the scammers were successful in this attempt. So be safe, now if you get any wallet related email you should verify the official information before clicking on any link.

Source : https://twitter.com/Trezor/status/1750223673506558146


Normal to receive a lot of mail like this since there are criminals want to take advantage the innocence of people towards dealing their wallets so expect that same like this will always occur especially if you use those email on any crypto related online activities.

Its importance for us to avoid clicking those links and tag this immediately as spam so that they will not get curious to open an email like this. If they are doubting regarding on the email they receive much better if they contact the support since this will clear all the doubts in mind regarding on those email they receive.
If one uses an email on any of the online sites, various types of fake offer emails keep coming to trap the users. When scammers leak users' data from a company like Trezor, it surprises everyone, and when scammers send phishing links targeting those users, everyone has no choice but to be extra cautious. When I open an email, I never click on the link until I visit the official website and confirm whether there is any official announcement or not.

And the most important thing is to check the email address from which the email came. New crypto users should understand that if an update comes, it is communicated through an official announcement by that particular company and not just by email.
hero member
Activity: 2520
Merit: 783
Trezor users are also receiving fake emails, Trezor has already tweeted about this and asked all users to stay safe. These activities of scammers have increased in recent times and they are trying to trap Trezor users. Trezor officials have not released any information on whether the scammers were successful in this attempt. So be safe, now if you get any wallet related email you should verify the official information before clicking on any link.

Source : https://twitter.com/Trezor/status/1750223673506558146



Normal to receive a lot of mail like this since there are criminals want to take advantage the innocence of people towards dealing their wallets so expect that same like this will always occur especially if you use those email on any crypto related online activities.

Its importance for us to avoid clicking those links and tag this immediately as spam so that they will not get curious to open an email like this. If they are doubting regarding on the email they receive much better if they contact the support since this will clear all the doubts in mind regarding on those email they receive.
hero member
Activity: 462
Merit: 767
Instant cryptocurrency exchange with own reserves!
It's not just fake Trezor emails. Now there are also fake MetaMask emails from the hackers asking you to turn on 2FA:

Oh bro, Let me laugh first.
I don't know if you have published your website on many platforms or what is the main traffic source of your website. But, If the hacker is from Bitcointalk and knows who is the owner of that website, I wonder why he would even waste his time sending you an email to your website email. I don't think we use our website emails to open an account on some exchange or other services.

Most of the website owners use their website emails to handle business emails like sending proposals or to receive proposals and suggestions. LOL. What makes him think that a person like NotATether could fall for their scam?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
I wonder whether there is in fact a really safe hardware to keep our coins.

My advice is to take everything out of your Trezor if you have one (and while you're at it, your Ledger too if you have one) and put it in a Coldcard, Bitbox02, or Passport wallet. Or at least some other hardware wallet for which there aren't hacking tutorials for it available on the public internet and Youtube.

Trezor seems to have a really fragile hardware platform.
legendary
Activity: 2576
Merit: 1860
Reading some comments here, it seems that the news stating that the breach only gained access to their support ticket database is wrong. Some users who got the phishing email aren't even Trezor users. They didn't contact Trezor support either.
It appears to be two separate incidents in the space of a week... The first one was for their ticketing system and the latest one is for their "newsletter subscribers".

If that's true, that's worrisome. Seriously, how can that happen? How can an unauthorized entity enter their database more than once in a row?

Ledger has already shown something that has caused a significant backlash in terms of trust among its users. Trezor somehow survives and is probably the top brand right now as far as hardware wallets are concerned. But it actually isn't spotless either. I remember there was a time when the Trezor device itself was hacked.

I wonder whether there is in fact a really safe hardware to keep our coins.
hero member
Activity: 1876
Merit: 721
Top Crypto Casino
Truly, people hardly notice this or even bother themselves about this and even if they do, many won't even be able to identify this flaw from the scammers, since they don't know the actual domain name of Metamask except you are knowledge in privacy and security, this is an excellent scam and many will continue to fall for it.
People are very careless, they don't notice until something bad happens to them. As soon as they receive the email, they click on the link without properly verifying whether it is genuine or not. Since scammers are succeeding in these attempts, they are still using these tactics and crypto users will continue to fall victim to these scams if they are not careful. Scammers are currently using techniques like phishing emails, airdrops to target wallet scams.
Pages:
Jump to: