Crypto hardware wallet Trezor confirms newsletter phishing attack
Categories: Crypto News
Trezor, a cryptocurrency hardware wallet provider is the latest company targeted by cybercriminals. The hackers sent out fake data breach notifications to the crypto wallet users through the company’s mailing list.For the uninitiated, cryptocurrencies (Ethereum, Bitcoin, etc) and NFTs are stored in something called as — crypto wallet. These wallets are both offline (hardware) and online (on-cloud). Cyber security experts advise to use hardware wallets because it is safer and more reliable. To access any crypto wallet, you need something called a passcode, which is similar to your password. While creating an account on Trezor, users are sent a 12 to 24 word recovery seed (password) that allows owners to gain access to their wallets, in case their device is stolen. However, anyone who knows this recovery seed can gain access to your wallet and its stored cryptocurrencies. After the user clicks on the download button to install the fake software a phishing site appears in the browser as suite.trezor.com. The website uses Punycode characters that allows the attackers to impersonate the trezor.com domain using accented or Cyrillic characters. It should be noted that the legitimate Trezor website is trezor.io.The company issued a warning and said it will not be communicating by newsletter until the situation is resolved. “Do not open any emails appearing to come from Trezor until further notice. Please ensure you are using anonymous email addresses for bitcoin-related activity,” the company added.