The manufacturer of hardware cryptocurrency wallets, Trezor, has reported a new wave of phishing attacks targeting the brand’s users. Cybercriminals have exploited the company’s official website, specifically its contact form, to send fraudulent emails that appeared to be responses from Trezor’s support team.
This is reported by Finway
Features of the Fraudulent Scheme and Company Actions
As explained by Trezor, cybercriminals used the contact form to send emails that mimicked official communications to customers. The aim of these emails was to obtain users’ confidential information, including wallet backups. The company emphasized that there was no email data breach, and the contact form itself remained secure. Additional security measures have been implemented to prevent similar incidents in the future.
“We identified a security issue when criminals used our contact form to send fraudulent emails that looked like genuine responses from Trezor support.”
Recommendations for Users and Previous Incidents
The Trezor team urges users to exercise extreme caution and not to disclose their wallet backups to anyone. The company stresses that genuine Trezor support will never ask for this information; it should remain solely with the user and be kept offline.
This incident marks yet another in a series of attacks on Trezor over the past year and a half. For instance, in January 2024, unauthorized access to a third-party support portal for the company was recorded. In March of the same year, Trezor’s account on the social network X was hacked, where criminals posted fake presales on the Solana network. In March 2025, Ledger Donjon experts discovered a vulnerability in the Safe 3 model, which Trezor promptly addressed.
Trezor emphasizes that security remains a top priority, and the protection system is continuously being improved. Users are advised not to enter backups even if they receive emails that appear to be official.