Trezor hardware wallet issues a warning about phishing newsletter

This weekend some customers of Trezor, a crypto hardware wallet, were apparently targeted by a phishing attack. Trezor announced that the reports have been proven to be true. A potential data breach of an opt-in newsletter hosted on MailChimp was investigated by Trezor, which warned users against opening emails from “noreply@trezor.us”.

An insider targeting crypto companies has compromised MailChimp’s service, Trezor said in a subsequent post. “We’ve taken the phishing domain offline. We’re trying to determine how many emails were affected by it.”

We will not be communicating by newsletter until the situation is resolved. Do not open any emails appearing to come from Trezor until further notice. Please ensure you are using anonymous email addresses for bitcoin-related activity. the firm continued on to say.

Trezor said to it’s users

According to an ongoing investigation, several Trezor users are being contacted by unauthorized actors pretending to be Trezor with the goal of misleading unsuspecting investors and stealing their money. The attack was executed through an email that offered users applications from the “trezor.us” domain, which is a different domain name than the official Trezor domain name, “trezor.io.”.

Several Trezor users have circulated screenshots of the phishing attempt and warnings to others on Saturday morning. According to messages sent to Trezor users, the phishing attack was one of a series of attempts by hackers to indoctrinate users to download malware under the guise of the security company’s desktop app through a false claim of a hack.

In the meantime, Trezor is conducting an official investigation to determine the total number of stolen email addresses. Users should refrain from clicking links coming from unofficial sources until further notice.