The big boss in crypto hardware wallets just dropped a serious warning. Some sneaky hackers found a way to abuse Trezor’s own support contact form to send out scam emails.
Yeah, the very tool meant to help you got twisted into a weapon against you. These scam emails?
They look so legit, you’d swear they came straight from Trezor’s own office. But don’t be fooled, this is classic phishing, guys.
That’s a bait
Here’s the dirty trick, the attackers submitted requests to Trezor’s support using the victims’ email addresses.
That triggered automatic replies that seemed like genuine support messages. Imagine getting a note from your IT guy, but it’s actually a con artist trying to steal your wallet backup. And let me remind you, wallet backups are sacred, never share them.
Important Update
We have identified a security issue where attackers abused our contact form to send scam emails appearing as legitimate Trezor support replies.
These scam emails appear legitimate but are a phishing attempt.
Remember, NEVER share your wallet backup — it must…
— Trezor (@Trezor) June 23, 2025
Trezor hammered this home on X, saying the mantra again and again.
“NEVER share your wallet backup. It must stay private and offline. We will never ask for it.”
Same old same old
Now, before you freak out, Trezor assures us the situation is contained. The contact form itself is still safe and secure, and there was no breach of their email system.
The bad actors probably got hold of email addresses from earlier leaks elsewhere, because, let’s face it, data breaches are like bad coffee, they keep coming back.
Trezor says they’re digging deep to stop these abuses in the future. Security? It’s a never-ending hustle.
This isn’t Trezor’s first rodeo with email scams tbh. Back in March 2022, a Mailchimp breach led to phishing emails tricking users into downloading fake Trezor updates.
And they’re not alone. Ledger had a major data leak in 2020 that exposed customer emails, sparking waves of phishing attacks.
MetaMask, Trust Wallet, and others? Same story. Hackers love impersonation schemes, fake emails, bogus support chats, social media scams, you name it.
Don’t click
So, here’s the deal, guys. If you get an email claiming to be from Trezor or any wallet provider, don’t just click like you’re swiping through your favorite sitcom.
Pause. Think. Does it ask for your wallet backup? If yes, toss it in the trash.
Keep your crypto fortress tight, because these phishing sharks are circling, and those mofos are getting more creativ every day.
Disclosure:This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
Kriptoworld.com accepts no liability for any errors in the articles or for any financial loss resulting from incorrect information.
