Trezor Support Platform Exploited in Crypto Phishing Scams

Summary
– Trezor warns users of a phishing campaign exploiting its automated support system to send deceptive emails from its official address.
– Attackers manipulate Trezor’s ticket system by submitting urgent phishing messages, which appear legitimate due to the official reply email.
– Phishing emails direct users to fake sites requesting their wallet seed phrase, which grants full access to their cryptocurrency assets.
– Trezor advises users never to share their seed phrase and is working on defenses to prevent future abuse of its support system.
– This incident follows previous attacks targeting Trezor users, including breaches via third-party platforms like MailChimp and unauthorized access to its support portal.

Trezor users are being targeted by a sophisticated phishing campaign that exploits the company’s legitimate support system to distribute fraudulent emails. The hardware wallet provider has issued warnings about this ongoing scam, which leverages automated responses from its official help desk to appear authentic.
The vulnerability stems from how Trezor’s support platform operates. Anyone can submit a ticket using any email address and subject line, triggering an automated reply from the genuine help@trezor.io address. Cybercriminals are abusing this feature by crafting alarming subject lines, such as “[URGENT]: vault.trezor.guide – Secure your assets now to prevent potential risks.” These emails direct recipients to a fake website designed to steal their wallet recovery phrases.
Once victims click the link, they land on a convincing phishing page that prompts them to enter their 24-word seed phrase, the master key to their cryptocurrency holdings. If disclosed, this information grants attackers full control over the associated wallet, allowing them to drain funds without needing physical access to the Trezor device.
The company has emphasized that users should never share their seed phrase under any circumstances, as legitimate support teams will never request this information. Trezor is actively working on security updates to prevent further exploitation of its ticketing system.
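The ticket-reflection weakness described above can be shown from the defender's side. The following Python is an added example, not Trezor's code and not from the original article: it assumes the auto-responder echoes the submitted subject, and the function names, ticket number, regex heuristics and `victim@example.com` address are hypothetical.

```python
import re
from email.message import EmailMessage

SUPPORT_ADDR = "help@trezor.io"  # official address named in the article

# Constructed heuristics: explicit URLs, bare hostnames, and pressure wording.
LINK_RE = re.compile(r"(?i)\b(?:https?://\S+|(?:[a-z0-9-]+\.)+[a-z]{2,}\b)")
URGENCY_RE = re.compile(r"(?i)\b(?:urgent|act now|immediately|secure your assets)\b")


def _reply(requester, subject, body):
    msg = EmailMessage()
    msg["From"] = SUPPORT_ADDR
    msg["To"] = requester  # chosen by whoever filed the ticket, not verified
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


def naive_auto_reply(ticket_id, requester, submitted_subject):
    """Assumed vulnerable behaviour: the submitter's subject is echoed verbatim."""
    return _reply(requester, f"Re: {submitted_subject}",
                  f"We received your request (ticket #{ticket_id}).")


def hardened_auto_reply(ticket_id, requester, submitted_subject):
    """Builds the reply from fixed text and the ticket id; untrusted text is dropped."""
    return _reply(requester, f"Support request received (ticket #{ticket_id})",
                  "We received your request. This automated message contains no "
                  "links, and support will never ask for your recovery seed.")


def needs_review(submitted_subject):
    """True when a subject should be held for a human before any reply is sent."""
    return bool(LINK_RE.search(submitted_subject)
                or URGENCY_RE.search(submitted_subject))


# Constructed sample: the subject line quoted in the article, filed under a victim's address.
LURE = ("[URGENT]: vault.trezor.guide – Secure your assets now "
        "to prevent potential risks.")
VICTIM = "victim@example.com"

if __name__ == "__main__":
    print("naive   :", naive_auto_reply(1001, VICTIM, LURE)["Subject"])
    print("hardened:", hardened_auto_reply(1001, VICTIM, LURE)["Subject"])
    print("hold for review:", needs_review(LURE))
```

The hardened reply still goes to an unverified address, so it only removes the attacker-controlled text; holding flagged tickets with `needs_review` covers the case where no reply should be sent at all.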
This incident is part of a troubling pattern. In April 2022, a breach at email service provider MailChimp enabled scammers to send phishing messages to Trezor customers. The following year, in February 2023, a widespread campaign used fake emails and texts urging users to “update” their devices via malicious links. More recently, in January 2024, unauthorized access to Trezor’s third-party support portal exposed data for approximately 66,000 users.
To stay protected, Trezor advises customers to verify the authenticity of any unexpected communications and to rely only on official channels for support. The company has also published a detailed guide on recognizing and avoiding phishing attempts. Hardware wallets remain one of the safest ways to store crypto, but vigilance is essential to outsmart increasingly sophisticated scams.
(Source: BLEEPINGCOMPUTER)