In recent years, cryptocurrencies have gained a lot of attention as an investment opportunity, with more and more people getting involved in the market. With the increasing value of cryptocurrencies, there is also an increase in cybercrime targeting these digital assets. One of the latest and most significant phishing campaigns has been targeting Trezor crypto wallets.

An ongoing multi-channel phishing attempt to trick users into allowing access to their wallets has been acknowledged by cryptocurrency hardware company Trezor.

In a tweet, the company issued a warning: “The attackers contact the victims by phone call, SMS, and/or email. They suggest that there has been a security breach or suspicious activity on their Trezor account.

Trezor is a popular hardware wallet allowing users to store their digital assets safely. The company has gained a reputation for being one of the market’s most secure and reliable wallets. However, the recent phishing campaign has caused concern among its users.

Phishing is a cybercrime involving deceiving people into sharing sensitive information such as login credentials, personal information, or financial data. In this particular case, the phishing campaign has been targeting Trezor wallet users by sending them fake emails that appear to be from Trezor support.

Also, read The 0ktapus Phishing Attack: Campaign: The Most Prolific Phish.

The messages are well-crafted and designed to look like official communication from Trezor. The attackers use social engineering tactics to lure users into clicking links or downloading attachments containing malware or phishing pages. The attackers aim to steal the user’s login credentials and gain access to their wallet.

People posted screenshots of the phishing campaign on Twitter. However, users are urged to upgrade their wallets in one message from a bogus Trezor alert that claims the device “failed to complete the latest Ethereum Merge.”

Previous Phishing

The phishing campaign was first detected in January 2021 and has been ongoing since then. The attackers have been targeting Trezor users worldwide, with reports coming from countries such as the US, the UK, Canada, and Australia. The phishing emails have been sent in various languages, including English, Spanish, French, and German.

Trezor has acknowledged the phishing campaign and has issued warnings to its users. The company has emphasized never asking for a user’s recovery seed or login credentials via email. Trezor has advised users to be cautious and always to verify the authenticity of any communication they receive from the company.

The phishing campaign targeting Trezor wallets is a reminder of the importance of cybersecurity when dealing with digital assets. Crypto wallets are a prime target for cybercriminals, and users must take extra precautions to protect their assets. This includes using strong passwords, enabling two-factor authentication, and being vigilant against phishing attacks.


In conclusion, the phishing campaign targeting Trezor wallets is a concerning development for the crypto community. Users should be aware of the risks and take the necessary steps to protect their assets. Trezor has taken steps to address the issue, but the responsibility ultimately lies with the user to remain vigilant and protect their digital assets.