Trezor Phishing-Betrug

[root_s2yse8vt]

Up

0

Down

::

Sehr überzeugender Trezor Phishing-Betrug, gesendet von [trezor.us](https://trezor.us). Höchstwahrscheinlich durchgesickerte E-Mails aus dem HubSpot-Bruch oder anderen Krypto-Verwandtenlisten.

Fordert Sie auf, die neueste Trezor-Software-Suite herunterzuladen, um die Sicherheitslücke zu schließen. Siehe unten:

​

https://preview.redd.it/7kb5kqtsa7r81.jpg?width=1442&format=pjpg&auto=webp&s=e4df16b683460593e240b8dbb0dbd287af0c6052

[atomicsnail]

Up

0

Down

::

Just received the same message to a email address that is unique and was generated just for my Trezor account.

Edit: The message has images that seem to reference being sent though a MailChimp list and links to a h**p://hg6g.mjt.lu/ address.

[Gh0st_Pirate_LeChuck]

Up

0

Down

::

Shit I downloaded and installed that from the email. I haven’t connected my wallet though. Just deleted it and am reinstalling directly from their website. People are saying it has an IP grabber in the email too. At least I had my VPN running.

Update: I have ran several malware / virus scans and have found nothing. It seems at least for now that the program is contained in the one install file. I also emailed the domain host company to notify them about the abuse/phishing scam.

[finchcatz]

Up

0

Down

::

I just received this email as well, but opened the suite and there were no updates to be dl.
Please upvote this thread to get word out on the sophisticated scam.

[megandorien]

Up

0

Down

::

I knew it. Fuckers!

[Incredible_T]

Up

0

Down

::

At least grammatically, this is a pretty well-crafted phishing attempt. The scammers must’ve hired an editor.

[wizmedic]

Up

0

Down

::

I noticed the it came from trezor.us and not trezor.io… Did a quick whois on trezor.us and came back as:

Registrant Contact Information:

Name

Annie Sherman

Organization

Address

2530 Neuport Lane

City

Dunwoody

State / Province

GA

Postal Code

30338

Country

US

Phone

+1.7813174526

I forwarded my email to trezor.io…. So hope they do something.

[I_mostly_lie]

Up

0

Down

::

Just received this..

​

first thing I done was say SHIT!, Then I realized I never input any passwords or codes on my pc, only on the device so my crypto is safe.

second was come to reddit for answers.

​

Thanks all.

[Upstairs_Tomorrow614]

Up

0

Down

::

Thanks for sharing, scam is the old “asking recipient to follow a link they’ve sent conveniently and simply log in as if everything is normal” type. Great catch regardless.

[[deleted]]

Up

0

Down

::

I received this also and was wondering if a scam. I checked the Trezor Blog and didn’t see anything related.

Anyways, I transferred my bitcoin to my wallet and stuck my Trezor into a safe and haven’t plugged it into my computer for several months. Do I need to be updating my Trezor periodically?

[11011100]

Up

0

Down

::

I also received this on a unique address only ever used to order from Trezor.

Everything else has been mentioned but this: The email also includes an embedded image tracker to grab your IP (because of course it does).

MailJet[.]com
http://hg6g.mjt[.]lu/oo/EAAA…/e.gif

Hopefully this isn’t as bad as Ledger’s breach where actual physical mailing addresses were compromised. Forwarded it to (real) Trezor, reported as phishing with my email provider, and contacted the domain abuse registrar email for the .us domain. It’s registered with NameCheap, please forward the email:

https://whois.domaintools.com/trezor.us
Registrar Abuse Contact Email: abuse@namecheap.com

to report the phishing email and accelerate the takedown.

[therunningcomputer]

Up

0

Down

::

Got the email as well

[Papa-Razzi]

Up

0

Down

::

Yeah I got this when I was out for dinner with my wife. I came home and examined the email further and saw the stupid link in it. Made me pop over here to see what was up. Glad I didn’t do anything with it.

Hope Trezor owns up to the breach.

[DE_Nada90]

Up

0

Down

::

Just received it today as well.

[esquirebaguio]

Up

0

Down

::

likewise received this email….. t

[ResponsibleOwl2263]

Up

0

Down

::

Just received same scam email (was not in junk folder) this evening.
Thanks for alerting the Trezor Reddit community so quickly.

[stevo327]

Up

0

Down

::

same email here to…where is the official Trezor response to this?

[sabiansoldier]

Up

0

Down

::

Lots of newbies are going to fall for this phishing scam. F

[matriarchnow]

Up

0

Down

::

I’m noticing that bots are trying to downvote this thread. Its probably the scammer that sent out this email to everyone.

[Waste-Director-8853]

Up

0

Down

::

+1 received into an email address uniquely registered with Trezor.

[_aD]

Up

0

Down

::

Received to my unique Trezor email address; redirects from mjt.lu (which looks suspicious, but is not; it is a MailJet domain, they’re a bulk mailer) and then on to a domain name that was registered just today and is almost certainly a phishing site.

[JMB346]

Up

0

Down

::

Yeah I just received that, seemed fishy when it said your cryptocurrency is at risk though. At most it would be an email and password leak, at least with typing everything on the model T I’m pretty sure trezor suite never even sees the seed. Someone correct me if I’m wrong please

[_aD]

Up

0

Down

::

Has there been confirmation (or rumour) that Trezor data was affected by the HubSpot breach?

[douginrpb]

Up

0

Down

::

I got it too. Scared the crap out of me at first. Till I thought about it. Thanks reddit community for easing my mind!

[goldpenny]

Up

0

Down

::

I received this email to the same two email addresses that always receive Trezor mailing list emails, however only one of those email addresses was used to purchase the Trezor. So it looks like it’s the mailing list that’s been hacked rather than the customer list or user database.

[revenant_07]

Up

0

Down

::

Using mxtoolbox.com you can see the different mx records. Different domain host providers. The @trezor.us doesn’t have DMARC Policy enabled. Recommend ppl to change their email address if tied to other important accounts.

[Sanji0_o]

Up

0

Down

::

Just got the same email now! And was like Damm these Scammers just got pretty well, with text and no reply domain 😄

[ParadiseD1]

Up

0

Down

::

I got the same email.

[Adon_Wolfe]

Up

0

Down

::

I just knew this was suspicious.

[SpringMission9020]

Up

0

Down

::

Yep just received one. Pretty easy to sniff out. I keep most of my correspondence from Trezor and they all originate from [Trezor.io](https://Trezor.io) not .us.

The line about my crypto being at risk was a huge red flag. How is my crypto at risk when my assets aren’t on Suite until I log in with my device? Would defeat the whole purpose of a cold wallet if any critical information was actually on Suite.

Just remember the golden rule. NEVER enter your seed phrase anywhere but on your device and never do it if prompted by anyone even your Momma!!

[nelo_bsb]

Up

0

Down

::

They event sent it on a Saturday, knowing they might have at least 48 hours before some kind of responde by Trezor.

I think the best SatoshiLabs can do is reporting phishing to the major browsers and operating systems vendors and hoping them to block the false wallet site and app.

[Radio-Chief]

Up

0

Down

::

Same email received here. I changed my passphrase on my device using the Windows app. Now here is my question. I did NOT use the email link I used only the Trezor app already on my desktop and my Trezor device. After I was done…. and for no reason in particular except stupidity, I opened the email up again and clicked the link. It just appeared to open up google.com search page. I stared at it a second and then closed the browser realizing what I had done. Do you think something could have been downloaded to my computer while on google.com?

[Autor]

Beiträge