Trezor, Ledger Users Face New Phishing Attacks via Fake Mail

TLDR

• Crypto scammers have targeted Trezor and Ledger users with fraudulent letters aimed at stealing recovery phrases.
• The fake letters include QR codes that lead users to phishing websites designed to steal sensitive wallet information.
• Cybersecurity expert Dmitry Smilyanets was among the first to report the phishing scam involving Trezor.
• Ledger and Trezor never ask users to share recovery phrases through emails, physical mail, or websites.
• These phishing attempts are part of ongoing scams exploiting data breaches from 2020 and 2024.

Users of cryptocurrency hardware wallets, including Ledger and Trezor, have again reported receiving fraudulent letters aimed at stealing their recovery seed phrases. These scams have been ongoing for several years, fueled by leaks from major data breaches. The latest wave of attacks, targeting wallet owners, involves fake letters with QR codes that lead victims to phishing websites.

Scammers Use Holograms and Fake Letters to Lure Victims

Cybersecurity expert Dmitry Smilyanets was among the first to report the latest scam, receiving a letter from Trezor on February 13. The letter, which warns users to complete an “Authentication Check” by February 15, contains a fake hologram and a QR code. Smilyanets shared that the QR code leads to a fraudulent website that mimics official Trezor and Ledger setup pages.

The letter claims to be signed by Matěj Žák, who is actually the CEO of Trezor, but the letter falsely attributes this to Ledger. The scam urges users to act quickly, creating a sense of urgency that often leads to poor decisions. This type of social engineering tactic is common in phishing attacks designed to steal sensitive information.

Ledger Users Targeted with Similar Phishing Tactics

This scam isn’t new for Ledger users. In October of 2022, a Ledger user reported receiving a similar letter, which instructed them to complete a “Transaction Check” process. Like the Trezor phishing attempt, the letter included a QR code that led victims to a fraudulent site designed to steal wallet recovery phrases.

Legitimate hardware wallet providers like Ledger and Trezor never ask users to share their recovery phrases via email, phone, or physical mail. Both companies have repeatedly warned users against entering sensitive information on suspicious websites or following unsolicited communication. Despite these warnings, phishing scams continue to adapt and evolve, successfully tricking some users into revealing their private details.

Phishing Websites Harvest Recovery Phrases for Theft

Upon scanning the malicious QR code, users are directed to a fake site where they are prompted to enter their wallet recovery phrases. Once entered, the recovery phrase is transmitted to the attackers, who can then steal the user’s funds. The scam’s clever design tricks even experienced users into entering critical information.

Legitimate wallets never request recovery phrases over the internet or through any communication channels outside of the user’s direct control. The rise of these scams highlights the importance of vigilance among cryptocurrency users, particularly during times of heightened anxiety such as market downturns.

These phishing attempts are part of a broader trend, with data breaches from 2020 and 2024 leading to the exposure of customer information. Trezor’s January 2024 breach, which leaked nearly 66,000 customer details, illustrates the ongoing challenges users face in protecting their assets. Despite security measures, opportunistic attacks are frequent and sophisticated, making it more important than ever to remain cautious and informed.

Scammers Continue to Exploit User Vulnerabilities

Cybersecurity experts have warned that scammers will likely continue to exploit vulnerabilities in the cryptocurrency ecosystem. Deddy Lavid, CEO of cybersecurity firm Cyvers, explained that scams tend to evolve, especially in times of market instability. While scams may slow in times of low market speculation, fear-based tactics, such as fake compliance alerts, become more effective.

Crypto hardware wallet users are encouraged to report any suspicious communications immediately and verify the authenticity of any requests they receive. Both Ledger and Trezor have detailed security guidelines on their websites to help users recognize potential scams.

The post Trezor, Ledger Users Face New Phishing Attacks via Fake Mail appeared first on Blockonomi.

Source: https://blockonomi.com/trezor-ledger-users-face-new-phishing-attacks-via-fake-mail/