[Warning] Trezor users are receiving fake emails with phishing links. - page 2.

SFR10

legendary

Activity: 2968

Merit: 3406

Crypto Swap Exchange

Quote from: hd49728 on January 24, 2024, 06:10:13 PM

If Trezor allows you to change your email address, and if yours was pwned, changing that email address to a new one is helpful.

This would only come in handy if you're going to completely ditch the affected email address.

Quote from: Darker45 on January 24, 2024, 09:36:08 PM

Reading some comments here, it seems that the news stating that the breach only gained access to their support ticket database is wrong. Some users who got the phishing email aren't even Trezor users. They didn't contact Trezor support either.

It appears to be two separate incidents in the space of a week... The first one was for their ticketing system and the latest one is for their "newsletter subscribers".

Amphenomenon

sr. member

Activity: 490

Merit: 311

Play Bitcoin PVP Prediction Game

Quote from: NotATether on January 25, 2024, 07:33:19 AM

Quote from: hd49728 on January 25, 2024, 07:25:10 AM

metamask74808 [at] sup.io, I believe very few people can be scam by this email address. If it is like metamask [at] sup.io, it will have higher chance to scam careless people.

Most people do not look at the "From" section unfortunately, only the message content. Especially if the email is using HTML like this one, it is very easy to overlook the sender address. In fact some email providers like Gmail actually hide it by default and just show the friendly name - you have to actually click on it in order to reveal the sender's email address.

Truly, people hardly notice this or even bother themselves about this and even if they do, many won't even be able to identify this flaw from the scammers, since they don't know the actual domain name of Metamask except you are knowledge in privacy and security, this is an excellent scam and many will continue to fall for it.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: hd49728 on January 25, 2024, 07:25:10 AM

metamask74808 [at] sup.io, I believe very few people can be scam by this email address. If it is like metamask [at] sup.io, it will have higher chance to scam careless people.

Most people do not look at the "From" section unfortunately, only the message content. Especially if the email is using HTML like this one, it is very easy to overlook the sender address. In fact some email providers like Gmail actually hide it by default and just show the friendly name - you have to actually click on it in order to reveal the sender's email address.

hd49728

legendary

Activity: 2044

Merit: 1018

Quote from: NotATether on January 25, 2024, 07:21:47 AM

Now there are also fake MetaMask emails from the hackers asking you to turn on 2FA:

This scam email address is easy to recognize as a scam email.

metamask74808 [at] sup.io, I believe very few people can be scam by this email address. If it is like metamask [at] sup.io, it will have higher chance to scam careless people.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

It's not just fake Trezor emails. Now there are also fake MetaMask emails from the hackers asking you to turn on 2FA:

When you click the buton, I assume it either downloads a malware or asks you to type in your seed phrase or something like that.

I even got a fake message from Netflix saying "Enable 2fa or your account will be on hold." It looked a lot like the fake MetaMask email so I assume it's from the same hackers.

_act_

hero member

Activity: 868

Merit: 1094

Quote from: Zaguru12 on January 25, 2024, 03:52:23 AM

Deactivating the newsletter will be ok but that won’t stop this kind of phishing attack because it doesn’t seems like some of these people actually gets this emails from the likes of Trezor it self because some others that received the mail aren’t even Trezor users

If you subscribed to Trezor newsletter, you will get the email. Those newsletter subscribers were the emails of the people that were leaked and the hacker that have access to the email sent the email with phishing link included.

But if possible the affected people can do away with the email and not use it again eill be better.

paid2

hero member

Activity: 504

Merit: 1065

Crypto Swap Exchange

Quote from: aoluain on January 25, 2024, 06:56:06 AM

It pays to be very vigilant when receiving emails from any service provider and in this case Trezor.
Its important to take a moment and not click on any links straight away, pause and try and verify.

paid2 how can we not give Trezor our personal details if we want to order a wallet and have it delivered
other than having a PO Box number which not everyone has? am I missing something?

I spend between 2 and 3 months a year in France, and there is this (I do not know if it is legal everywhere, but in the case of France, it is tolerated to buy such keys): https://www.lockpass.fr/
These are the "universal" keys that postmen use to open letterboxes.

When I'm in France, I take the opportunity to find a letterbox with no name (unoccupied or abandoned flat), put a more or less random name on it, and have anything I can pay for in cryptos delivered "anonymously" over there

I use allias systems for my emails, I generate an address for each site and centralise the reception of messages on a single address that I control.

aoluain

legendary

Activity: 2226

Merit: 1249

Quote from: paid2 on January 24, 2024, 09:23:09 PM

I'm surprised at how little noise this is making when you compare it to the same situation Ledger experienced a few years ago. It's strange how different the media and the community as a whole reacted in both situation Ledger/Trezor, which are almost the same (a leak/hack of their customers database).

In any case, you have to be careful and not use your personal data when ordering a hardware wallet. I'm glad I didn't use my personal details when I ordered my Ledger back then, and my Trezor last year. 66,000 doxxed users is not nothing.

It pays to be very vigilant when receiving emails from any service provider and in this case Trezor.
Its important to take a moment and not click on any links straight away, pause and try and verify.

paid2 how can we not give Trezor our personal details if we want to order a wallet and have it delivered
other than having a PO Box number which not everyone has? am I missing something?

hd49728

legendary

Activity: 2044

Merit: 1018

Quote from: _act_ on January 25, 2024, 03:28:52 AM

How is it going to be helpful? So that hackers will later know the email again and start sending phishing messages. The best is to unsubscribe from the newsletter. You can unsubscribe from the email messages. All what that you will do is to scroll down the email message and you will see unsubscribe, click on it and do not receive email from the again. They are careless with people's email.

Helpful in the meantime before Trezor has another data breach.

Will Trezor have other data breaches in future?

We can not know at the moment but if you feel you can not trust them, stop using their service. If you trust them to fix and improve their security, you can continue to use their service. Trust or don't trust their security on user data, you must protect yourself, by changing email, if possible. I don't know it is possible or impossible, just an idea to prevent risk from phishing emails.

Trezor allows users to change email but you will have to contact their support.

Learn Bitcoin

hero member

Activity: 462

Merit: 767

#SWGT CERTIK Audited

Quote from: Churchillvv on January 24, 2024, 07:17:10 PM

@Learn bitcoin was right on what he said below.

Quote from: Learn Bitcoin on January 21, 2024, 11:03:13 PM

Even though they have regained access to their support center, the hacker still has a chance to use email spoofing and send emails to those Trezor users and try various hacking attempts like sending malware and asking them to download, or asking them to use new web portal which could be phishing and numerous more methods they may try. There are still a few percentage of people who might believe those emails and try those things.

This was my basic assumption. If hackers get a list of specific service users, I am sure they will try to trick them. Approx 66000 users' data were leaked from the hack. But, how many of them are aware that their data has been stolen? Almost 90% of them don't know that their data has been stolen and they may face some critical threats. This is unfortunate. Even though Trezor started to give warnings to their users, yet there will be users who may fall for those phishing scams.

Quote

Well it's good to let people know about this current situation, I'm not a trazor user but I'm always concern in knowing all this kind of event because in less than no time I will purchasing a hardware wallet and will not want to face this kind of risk using them.

You should have some basic understanding of how social engineering works and how phishing works. When a user open their wallet for the first time, it says never share your seed phrase and the private key with anyone. That include Trezor or any other wallet providers as well.

FatFork

legendary

Activity: 1568

Merit: 2581

Top Crypto Casino

Quote from: _act_ on January 25, 2024, 03:28:52 AM

Quote from: hd49728 on January 24, 2024, 06:10:13 PM

If Trezor allows you to change your email address, and if yours was pwned, changing that email address to a new one is helpful.

How is it going to be helpful? So that hackers will later know the email again and start sending phishing messages. The best is to unsubscribe from the newsletter. You can unsubscribe from the email messages. All what that you will do is to scroll down the email message and you will see unsubscribe, click on it and do not receive email from the again. They are careless with people's email.

The only way this can be helpful is that you will then know that any emails that continue to arrive at the old address, and present themselves as if they are from Trezor, are potential phishing scams. On the other hand, you will still be able to receive new official announcements to your new address. Of course, this will also potentially expose your new address to a future leak, should there be any.

Davidvictorson

hero member

Activity: 952

Merit: 824

Livecasino.io

One of my friends who works in IT sometime ago told me that email is essentially more dangerous than it is useful. And with all the phishing scams that has been perpetrated via emails, I couldn't agree more. If my memory serves me correctly, I know that there has been Binance, Coinbase, and now Trezor phishing scam via emails.

Glad that Thymos may have thought about this and didn't make the use of email to register on the forum mandatory.

Reading a sample of the email sent to Trezor users in the OP, we can perceive the sense of urgency and those who may have fallen victims to it happened because they first freaked out and at that point, they lost focus as well as their ability to spot the warning signs.

These are indeed old tricks that people should be aware of but are not. I think that these companies should do more in educating their customers on how to identify phishing emails. It is more cost effective than fixing the problem when it has already happened.

Lida93

hero member

Activity: 728

Merit: 512

Quote from: BABY SHOES on January 24, 2024, 11:00:42 PM

But so far I did not receive any email about this or upgrading the firmware and I will not believe it if it is not wrong, of course I will always be careful in this matter even though it comes seemingly from trezor email but should be more sure at X official or original website.

Yes the most important thing is don't give the seed phrase to anyone unless only you know.

Not just you mate even some other trezor users didn't receive the phishing message which could mean that the messages were sent randomly to the trezor users. From what I read on their official account on X they advise their users to delete the messages and we should stay vigilant for phishing attempts but one thing is that they didn't tell us how we are to stay stay vigilant so based on this, unsubscribing from their newsletter/email messages is the safer option right now, because from all what hàs happened it's obvious trezor can't guarantee absolutely security and privacy of users data away from hackers/leak leading to phishing attack on users.

And for users we should be keen to taking steps to verify the genuineness of messages we receive if they are actually from the right source before doing whatever the message is requiring from us so that we don't out of laziness to verify from other sources fall victim to scam.

I think what trezor needs to do now to reassure users is to find out what led to this attack or leak and deal with the problem against repeating in the future. Just a warning isn't enough.

Zaguru12

hero member

Activity: 672

Merit: 855

Quote from: _act_ on January 25, 2024, 03:28:52 AM

How is it going to be helpful? So that hackers will later know the email again and start sending phishing messages. The best is to unsubscribe from the newsletter. You can unsubscribe from the email messages. All what that you will do is to scroll down the email message and you will see unsubscribe, click on it and do not receive email from the again. They are careless with people's email.

Deactivating the newsletter will be ok but that won’t stop this kind of phishing attack because it doesn’t seems like some of these people actually gets this emails from the likes of Trezor it self because some others that received the mail aren’t even Trezor users and there are also other wallets too that are currently warning their users too about the attack, so this doesn’t seem like a Trezor issue only but definitely the newsletter deactivation will be ok but wouldn’t solve the problem.

Quote from: paid2 on January 24, 2024, 09:23:09 PM

I'm surprised at how little noise this is making when you compare it to the same situation Ledger experienced a few years ago. It's strange how different the media and the community as a whole reacted in both situation Ledger/Trezor, which are almost the same (a leak/hack of their customers database).

Its simple one has already gotten a very bad reputation already from the day they brought that recovery process which didn’t seemed welcomed at all to the community and after then they have been facing so many challenges of phishing attacks and as such whenever the company faces any again it causes uproar because many people have been warning against the use of it, so they quickly spread information to back up their claims. It’s nothing new Ledger is already at the center stage of this all and I don’t think they will ever get that reputation back ever again

_act_

hero member

Activity: 868

Merit: 1094

Quote from: hd49728 on January 24, 2024, 06:10:13 PM

If Trezor allows you to change your email address, and if yours was pwned, changing that email address to a new one is helpful.

How is it going to be helpful? So that hackers will later know the email again and start sending phishing messages. The best is to unsubscribe from the newsletter. You can unsubscribe from the email messages. All what that you will do is to scroll down the email message and you will see unsubscribe, click on it and do not receive email from the again. They are careless with people's email.

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: Darker45 on January 24, 2024, 09:36:08 PM

Reading some comments here, it seems that the news stating that the breach only gained access to their support ticket database is wrong. Some users who got the phishing email aren't even Trezor users. They didn't contact Trezor support either.

Anyway, the key is to never reveal seed phrases to anybody, even if that person claims to be an official staff of Trezor, even if that is an official email or that is a communication coming from a verified social media account of Trezor.

There are already those who clicked on the phishing link. Lucky for them, the link itself is harmless. It's the form where the link leads to that is vital. It asks for the seed phrase.

That's right. Fraudsters send such letters even to those who are not at all connected to crypto. These email addresses were probably either purchased somewhere or hacked. Therefore, there is often talk about limiting the publication of your email wherever it is proposed to do so. At least secure your email addresses, which may be very important to you.

BABY SHOES

sr. member

Activity: 294

Merit: 433

HODL - BTC

I just found out today's news because I don't always monitor X trezor on a scale but this time I was surprised that there was a phishing attack that had been compromised.

But so far I did not receive any email about this or upgrading the firmware and I will not believe it if it is not wrong, of course I will always be careful in this matter even though it comes seemingly from trezor email but should be more sure at X official or original website.

Yes the most important thing is don't give the seed phrase to anyone unless only you know.

Darker45

legendary

Activity: 2562

Merit: 1854

🙏🏼Padayon...🙏

Reading some comments here, it seems that the news stating that the breach only gained access to their support ticket database is wrong. Some users who got the phishing email aren't even Trezor users. They didn't contact Trezor support either.

Anyway, the key is to never reveal seed phrases to anybody, even if that person claims to be an official staff of Trezor, even if that is an official email or that is a communication coming from a verified social media account of Trezor.

There are already those who clicked on the phishing link. Lucky for them, the link itself is harmless. It's the form where the link leads to that is vital. It asks for the seed phrase.

paid2

hero member

Activity: 504

Merit: 1065

Crypto Swap Exchange

I'm surprised at how little noise this is making when you compare it to the same situation Ledger experienced a few years ago. It's strange how different the media and the community as a whole reacted in both situation Ledger/Trezor, which are almost the same (a leak/hack of their customers database).

In any case, you have to be careful and not use your personal data when ordering a hardware wallet. I'm glad I didn't use my personal details when I ordered my Ledger back then, and my Trezor last year. 66,000 doxxed users is not nothing.

hd49728

legendary

Activity: 2044

Merit: 1018

Quote from: nelson4lov on January 24, 2024, 06:48:49 PM

Social media platforms like X is no longer to be trusted these days; even discord. X and Discord feels like the easiest to be compromised these days

I knew risk of social media and if we only rely on social media accounts for important information, it is wrong at the start. It's only time when nightmare will come with us.

You see, I recommended in my post that visit the official website is a first step, then social media. Or you can follow those services' social media accounts, just to get notifications. After that, you must verify those notification information by visiting official websites.

Quote

it takes just 1 link from a compromise account to screw a lot of users not to mention the influx of scammers on X that appears like the real thing or organization only to be scammers with phishing URLs. I almost feel for one yesterday even though I'm very security conscious. It's a miracle these days not to fall into any of these scams.

People only need to have basic knowledge to protect themselves from scammers. Sometimes they have knowledge but carelessness and greediness harm them.

Discord & scammers. Check user IDs and user colors of strangers send you PMs

Topic: [Warning] Trezor users are receiving fake emails with phishing links. - page 2. (Read 363 times)