1. Trezor, a hardware wallet provider, confirmed a security breach involving its third-party email provider.
2. Malicious emails, appearing to be from Trezor's official domain, urged users to upgrade their "network" or risk losing funds.
3. The deceptive emails included a harmful link redirecting users to a page requesting their seed phrase.
4. Trezor deactivated the malicious link promptly, containing the potential threat and assuring the link itself was harmless.
5. User funds remain secure unless the recovery seed was entered; affected users are advised to transfer funds to a new wallet for added security.
6. The unauthorized emails impersonated Trezor, addressing subscribers to their newsletter.
7. If users haven't disclosed their recovery seed, their assets are secure; disclosing the recovery seed requires immediate fund transfer.
8. This incident is part of a series of coordinated phishing attacks affecting various crypto platforms, including WalletConnect, Token Terminal, De.Fi, and Cointelegraph.
9. Scammers used enticing offers of fraudulent airdrops to trick users into taking action.
10. Users are warned to exercise caution and verify communications directly from platforms to avoid falling victim to phishing attempts in the crypto space.
