Crypto wallet not safe: Trezor under phishing campaign

Hardware wallet firm Trezor has reported a phishing campaign trying to get access to user wallets.

According to a Twitter post, Trezor says: “The attackers contact the victims via phone call, SMS and email to say that there’s been a security breach or suspicious activity.”

🚨 Beware of the active phishing scam!

The attackers contact the victims via phone call, SMS and/or email to say that there’s been a security breach or suspicious activity on their Trezor account.

➡️ Please ignore these messages as they are not from Trezor. ⬅️

More info in🧵👇 pic.twitter.com/nzfSzfwcZ1

— Trezor (@Trezor) February 28, 2023

According to some users, spoofed messages have been received to make them expose their digital keys for access to wallets. 

In another, users are informed that “Trezor Suite has recently endured a security breach” and that they should follow a link to “secure your assets.” With such messages, scammers try to be legitimate to fool the users and take them to a phishing site.

Live Trezor SMS #phishing campaign🪙📱

1⃣🌐hxxps://dpsio.ink/
2⃣🌐hxxps://exo-pro-support.click/#KITIntel🔍 It appears to be an auto-drainer as it checks the seed phrase upon submission. If you put a real seed phrase automated withdrawals could occur⚠️ pic.twitter.com/IpDz9Z7yWh

— Jake | JCyberSec_ (@JCyberSec_) February 28, 2023

This is the first time Trezor has been affected by such phishing attacks. The information was leaked through MailChimp last year. Some people who are not the owners of Trezor are also being targeted.

Thank you for the heads-up. I have been receiving those text messages. Why do they think I have a Trezor?

— Leo Hefner (@leohefner) February 28, 2023

What’s Trezor’s take on phishing attacks?

Trezor said, “We have not found any evidence of a recent database breach. We will never contact you via calls or SMS.”

Although certain attacks are being manipulated but have yet to be reported as successful, the campaign is trying its best to receive the information by luring the customers to fake websites, using social engineering techniques, and sending malware to the user’s devices to trap them.

Exploiting Trezor’s safety takes a lot of work to exploit. It uses polymorphic techniques to prevent collapse. The security chips, pin codes, recovery seed, and frequent updates are designed to prevent hackers from being successful.

How to keep your hardware crypto wallets safe

Hardware crypto wallets are relatively safer, but hackers create ways to exploit them too. You can keep them safe by:

• Keeping them in a secure position
• Enable two-factor authentication
• Update your wallet regularly
• Keep recovery seed safe
• Use a strong passphrase
• Use trusted wallets
• Never share the private key

Concluding thoughts

Keeping your digital assets safe has become difficult. Cybercriminal techniques are always prying on you. It is always wise to be safe on your own; just be careful.