According to Cointelegraph, cryptocurrency hardware wallet provider Trezor is investigating a recent phishing campaign after users reported receiving phishing emails. Anonymous blockchain sleuth ZachXBT alerted users to the phishing attack on his Telegram channel on October 26. The phishing email invites users to download the 'latest firmware update' to their Trezor devices to 'fix an issue in software.' The malicious email was reportedly sent from amministrazione@sideagroup.com.
ZachXBT suggested that the phishing attack could indicate a potential data breach for Trezor or Evri, the UK delivery company that ships Trezor devices. Two other people on Reddit also complained about the same phishing email. Trezor's brand ambassador, Josef Tetek, confirmed that the company is aware of the ongoing phishing campaign and is actively investigating it. He added that Trezor never asks for users' recovery seed, PIN, or passphrase and urged users to follow the instructions shown on a connected Trezor hardware wallet when working with their recovery seed.
Cryptocurrency investors continue to face phishing attacks despite efforts to curb such scams. In September, a large crypto investor reportedly lost $24 million worth of crypto assets in a massive phishing campaign. Cybersecurity reports indicate that the number of cryptocurrency phishing attacks increased by 40% in 2022.