Hardware wallet manufacturer Trezor has issued a security alert against a new phishing attack targeting its users.
The company announced that attackers were abusing Trezor's contact form to send fake support responses, posing as legitimate Trezor support and asking users for wallet backups.
The statement from Trezor included the following statements:
“The attackers used our contact form to request support on behalf of some addresses. As a result of these requests, our system automatically sent responses that looked like Trezor support messages. These emails are completely fake and a phishing attempt.”
The company once again said that wallet backups should be kept strictly confidential and warned:
“Never share your wallet backup. Trezor will never ask you for this information. Your wallet backup should always remain offline and private.”
Trezor stated that there was no email data leak in the incident and that the system is currently secure. It also added that the contact form can continue to be used and that work is ongoing to prevent similar abuse in the future.
*This is not investment advice.
