Hardware wallet maker Trezor issued an urgent notice today, 23rd June, after discovering that attackers had abused its website contact form to send phishing emails.
The company confirmed that hackers were able to impersonate official support messages and urge users to reveal sensitive information.
Trezor stressed that it “NEVER asks for wallet backups or seed phrases” via email and urged customers to remain cautious.
Details of the Phishing Scheme
The malicious emails appeared to come from Trezor support and mimicked the company’s branding. Recipients saw messages that claimed to respond to their inquiries, yet these notes carried links and forms designed to capture private keys and backup phrases.
Trezor’s team moved quickly to stop the fraud, contained the breach, and patched the contact form so it no longer sends unauthorised messages.
Advice for Trezor Users
In its notice, Trezor reminded users that wallet backups must always stay offline and private. Any request to share that information is a red flag.
The firm recommended double-checking email headers before trusting any message that looks like it comes from support. Even a slight typo or unexpected link should trigger suspicion and a quick check of the official website.
Industry-Wide Front-End Attacks
This incident follows two recent front-end hacks at major crypto sites. On June 20, CoinMarketCap’s interface was compromised with pop-ups that asked visitors to connect their wallets.
A similar exploit hit Cointelegraph on Sunday, where a fake token airdrop banner tricked readers into signing transactions. In both cases, attackers used injected scripts to turn trusted platforms into vectors for wallet-draining scams.
Hardware Flaw and Swift Patch
Meanwhile, Trezor patched a different issue after security researchers from Ledger’s Donjon lab found a microcontroller vulnerability. Their open-source audit showed that cryptographic operations on Trezor’s Safe 3 model could be exposed to advanced side-channel attacks.
Trezor acknowledged these findings and released a firmware update for both the Safe 3 and an earlier model. The update strengthens cryptographic routines and makes such attacks far less likely.
Building Stronger Defences
Trezor’s swift response to both the phishing emails and the hardware report shows the importance of layered security. By fixing the website exploit and updating firmware, the company aims to protect against social engineering and technical attacks.
Users are also encouraged to enable two-factor authentication on associated accounts and to verify firmware versions before using their devices.
Lessons for the Crypto Community
As crypto adoption grows, scams and hacks are becoming more sophisticated. Front-end exploits can turn well-known sites into dangerous traps.
At the same time, hardware devices must guard against both remote social attacks and physical vulnerability research. The recent string of incidents highlights the need for ongoing vigilance, regular software updates, and security audits across the ecosystem.
Also Read: Binance Co-Founder CZ Warns Of AI-Powered Deepfake Hacks That Can Fool Video Verification