Large Phishing Campaign Targeting Trezor Crypto Wallet Users

An ongoing phishing campaign targets Trezor crypto wallet users by disguising themself as data breach notifications to get information about the victim's recovery seed. Trezor allows users to hold their crypto offline instead of using cloud-based wallets. The campaign uses SMS messages notifying users that Trezor has suffered a data breach and that they need to secure their devices, trying to bait users into typing their recovery seed on the fake Trezor website, which allows threat actors to steal the recovery seed and get the control over the victim's device. Read more...