Trezor Warns Users of Phishing Scam After Attackers Exploit Support Form

Trezor, a leading manufacturer of crypto hardware wallets, has issued a security alert after discovering that attackers exploited its online support system to launch a targeted phishing campaign. The scam involved impersonating Trezor’s support team in emails that appeared legitimate but were designed to trick users into revealing their sensitive wallet backup information.

“These scam emails appear legitimate but are a phishing attempt,” the company wrote on X (formerly Twitter). “Remember, NEVER share your wallet backup — it must always stay private and offline. Trezor will never ask for your wallet backup.”

According to Trezor, the phishing attack took advantage of the company’s support contact form. The attackers submitted queries using email addresses tied to potential victims. This triggered Trezor’s automated support replies, giving the scam messages an air of authenticity. Importantly, the company confirmed there was no breach of its systems or user email databases, suggesting the attacker likely used addresses gathered from prior unrelated data leaks.

Trezor emphasized that its contact form remains secure and that the issue has been contained.

“We're actively researching ways to prevent future abuse,” the company said. “Security is a continuous process. Stay vigilant.”

This isn’t the first time Trezor has had to address email-related threats. In 2022, a breach at its email provider, Mailchimp, led to phishing emails being sent to customers, prompting some to download malicious software disguised as an official Trezor update.

The broader crypto community has seen similar incidents in recent years. Trezor's competitor Ledger experienced a major data leak in 2020 that exposed customer email addresses, fueling a wave of phishing attempts. Other popular wallet services like MetaMask and Trust Wallet have also been targets of impersonation scams via fake support emails, cloned websites, and fraudulent social media accounts.