Trezor issues phishing alert after attackers abuse support contact form to send scam emails

Crypto hardware wallet manufacturer Trezor issued a security alert to its users on Monday morning after attackers abused its online support form to send scam emails masquerading as legitimate Trezor support replies.

"These scam emails appear legitimate but are a phishing attempt," Trezor's official account posted to X. "Remember, NEVER share your wallet backup — it must always stay private and offline. Trezor will never ask for your wallet backup."

The phishing attempts worked by contacting Trezor's support on behalf of affected email addresses, triggering an auto-reply that appears as a legitimate Trezor support message.

Trezor said the issue has been contained, its contact form remains "safe and secure," and there was no email breach — though addresses were presumably obtained via previous data breaches in order to launch the attack.

"We're actively researching ways to prevent future abuse," the firm said. "Security is a continuous process. Stay vigilant."

Email-related crypto attacks

It's not the first time Trezor has faced an email-related incident. In March 2022, a breach of its newsletter provider Mailchimp led to phishing emails being sent to users, prompting them to download malicious software disguised as a Trezor update.

Trezor's competitors, like Ledger, have also faced similar issues, including a major 2020 data leak that exposed customer emails and triggered an ongoing wave of phishing attacks. MetaMask, Trust Wallet, and others have also been targets of impersonation schemes via email, fake support channels, and social media — often using stolen or spoofed credentials.