Home Foren Trezor Wallet Trezor Phishing-Betrug

  • Dieses Thema hat 31 Antworten und 2 Teilnehmer, und wurde zuletzt aktualisiert vor 1 Jahr, 10 Monaten von Radio-Chief.
Ansicht von 31 Antwort-Themen
  • Autor
    Beiträge
    • #826672
      root_s2yse8vt
      Administrator
      Up
      0
      Down
      ::

      Sehr überzeugender Trezor Phishing-Betrug, gesendet von [trezor.us](https://trezor.us). Höchstwahrscheinlich durchgesickerte E-Mails aus dem HubSpot-Bruch oder anderen Krypto-Verwandtenlisten.

      Fordert Sie auf, die neueste Trezor-Software-Suite herunterzuladen, um die Sicherheitslücke zu schließen. Siehe unten:

      ​

      https://preview.redd.it/7kb5kqtsa7r81.jpg?width=1442&format=pjpg&auto=webp&s=e4df16b683460593e240b8dbb0dbd287af0c6052

    • #826673
      atomicsnail
      Gast
      Up
      0
      Down
      ::

      Just received the same message to a email address that is unique and was generated just for my Trezor account.

      Edit: The message has images that seem to reference being sent though a MailChimp list and links to a h**p://hg6g.mjt.lu/ address.

    • #826674
      Gh0st_Pirate_LeChuck
      Gast
      Up
      0
      Down
      ::

      Shit I downloaded and installed that from the email. I haven’t connected my wallet though. Just deleted it and am reinstalling directly from their website. People are saying it has an IP grabber in the email too. At least I had my VPN running.

      Update: I have ran several malware / virus scans and have found nothing. It seems at least for now that the program is contained in the one install file. I also emailed the domain host company to notify them about the abuse/phishing scam.

    • #826675
      finchcatz
      Gast
      Up
      0
      Down
      ::

      I just received this email as well, but opened the suite and there were no updates to be dl.
      Please upvote this thread to get word out on the sophisticated scam.

    • #826676
      megandorien
      Gast
      Up
      0
      Down
      ::

      I knew it. Fuckers!

    • #826677
      Incredible_T
      Gast
      Up
      0
      Down
      ::

      At least grammatically, this is a pretty well-crafted phishing attempt. The scammers must’ve hired an editor.

    • #826678
      wizmedic
      Gast
      Up
      0
      Down
      ::

      I noticed the it came from trezor.us and not trezor.io… Did a quick whois on trezor.us and came back as:

      Registrant Contact Information:

      Name

      Annie Sherman

      Organization

      Address

      2530 Neuport Lane

      City

      Dunwoody

      State / Province

      GA

      Postal Code

      30338

      Country

      US

      Phone

      +1.7813174526

      I forwarded my email to trezor.io…. So hope they do something.

    • #826679
      I_mostly_lie
      Gast
      Up
      0
      Down
      ::

      Just received this..

      ​

      first thing I done was say SHIT!, Then I realized I never input any passwords or codes on my pc, only on the device so my crypto is safe.

      second was come to reddit for answers.

      ​

      Thanks all.

    • #826680
      Upstairs_Tomorrow614
      Gast
      Up
      0
      Down
      ::

      Thanks for sharing, scam is the old “asking recipient to follow a link they’ve sent conveniently and simply log in as if everything is normal” type. Great catch regardless.

    • #826681
      [deleted]
      Gast
      Up
      0
      Down
      ::

      I received this also and was wondering if a scam. I checked the Trezor Blog and didn’t see anything related.

      Anyways, I transferred my bitcoin to my wallet and stuck my Trezor into a safe and haven’t plugged it into my computer for several months. Do I need to be updating my Trezor periodically?

    • #826682
      11011100
      Gast
      Up
      0
      Down
      ::

      I also received this on a unique address only ever used to order from Trezor.

      Everything else has been mentioned but this: The email also includes an embedded image tracker to grab your IP (because of course it does).

      MailJet[.]com
      http://hg6g.mjt[.]lu/oo/EAAA…/e.gif

      Hopefully this isn’t as bad as Ledger’s breach where actual physical mailing addresses were compromised. Forwarded it to (real) Trezor, reported as phishing with my email provider, and contacted the domain abuse registrar email for the .us domain. It’s registered with NameCheap, please forward the email:

      https://whois.domaintools.com/trezor.us
      Registrar Abuse Contact Email: abuse@namecheap.com

      to report the phishing email and accelerate the takedown.

    • #826683
      therunningcomputer
      Gast
      Up
      0
      Down
      ::

      Got the email as well

    • #826684
      Papa-Razzi
      Gast
      Up
      0
      Down
      ::

      Yeah I got this when I was out for dinner with my wife. I came home and examined the email further and saw the stupid link in it. Made me pop over here to see what was up. Glad I didn’t do anything with it.

      Hope Trezor owns up to the breach.

    • #826685
      DE_Nada90
      Gast
      Up
      0
      Down
      ::

      Just received it today as well.

    • #826686
      esquirebaguio
      Gast
      Up
      0
      Down
      ::

      likewise received this email….. t

    • #826687
      ResponsibleOwl2263
      Gast
      Up
      0
      Down
      ::

      Just received same scam email (was not in junk folder) this evening.
      Thanks for alerting the Trezor Reddit community so quickly.

    • #826688
      stevo327
      Gast
      Up
      0
      Down
      ::

      same email here to…where is the official Trezor response to this?

    • #826689
      sabiansoldier
      Gast
      Up
      0
      Down
      ::

      Lots of newbies are going to fall for this phishing scam. F

    • #826690
      matriarchnow
      Gast
      Up
      0
      Down
      ::

      I’m noticing that bots are trying to downvote this thread. Its probably the scammer that sent out this email to everyone.

    • #826691
      Waste-Director-8853
      Gast
      Up
      0
      Down
      ::

      +1 received into an email address uniquely registered with Trezor.

    • #826692
      _aD
      Gast
      Up
      0
      Down
      ::

      Received to my unique Trezor email address; redirects from mjt.lu (which looks suspicious, but is not; it is a MailJet domain, they’re a bulk mailer) and then on to a domain name that was registered just today and is almost certainly a phishing site.

    • #826693
      JMB346
      Gast
      Up
      0
      Down
      ::

      Yeah I just received that, seemed fishy when it said your cryptocurrency is at risk though. At most it would be an email and password leak, at least with typing everything on the model T I’m pretty sure trezor suite never even sees the seed. Someone correct me if I’m wrong please

    • #826694
      _aD
      Gast
      Up
      0
      Down
      ::

      Has there been confirmation (or rumour) that Trezor data was affected by the HubSpot breach?

    • #826695
      douginrpb
      Gast
      Up
      0
      Down
      ::

      I got it too. Scared the crap out of me at first. Till I thought about it. Thanks reddit community for easing my mind!

    • #826696
      goldpenny
      Gast
      Up
      0
      Down
      ::

      I received this email to the same two email addresses that always receive Trezor mailing list emails, however only one of those email addresses was used to purchase the Trezor. So it looks like it’s the mailing list that’s been hacked rather than the customer list or user database.

    • #826697
      revenant_07
      Gast
      Up
      0
      Down
      ::

      Using mxtoolbox.com you can see the different mx records. Different domain host providers. The @trezor.us doesn’t have DMARC Policy enabled. Recommend ppl to change their email address if tied to other important accounts.

    • #826698
      Sanji0_o
      Gast
      Up
      0
      Down
      ::

      Just got the same email now! And was like Damm these Scammers just got pretty well, with text and no reply domain 😄

    • #826699
      ParadiseD1
      Gast
      Up
      0
      Down
      ::

      I got the same email.

    • #826700
      Adon_Wolfe
      Gast
      Up
      0
      Down
      ::

      I just knew this was suspicious.

    • #826701
      SpringMission9020
      Gast
      Up
      0
      Down
      ::

      Yep just received one. Pretty easy to sniff out. I keep most of my correspondence from Trezor and they all originate from [Trezor.io](https://Trezor.io) not .us.

      The line about my crypto being at risk was a huge red flag. How is my crypto at risk when my assets aren’t on Suite until I log in with my device? Would defeat the whole purpose of a cold wallet if any critical information was actually on Suite.

      Just remember the golden rule. NEVER enter your seed phrase anywhere but on your device and never do it if prompted by anyone even your Momma!!

    • #826702
      nelo_bsb
      Gast
      Up
      0
      Down
      ::

      They event sent it on a Saturday, knowing they might have at least 48 hours before some kind of responde by Trezor.

      I think the best SatoshiLabs can do is reporting phishing to the major browsers and operating systems vendors and hoping them to block the false wallet site and app.

    • #826703
      Radio-Chief
      Gast
      Up
      0
      Down
      ::

      Same email received here. I changed my passphrase on my device using the Windows app. Now here is my question. I did NOT use the email link I used only the Trezor app already on my desktop and my Trezor device. After I was done…. and for no reason in particular except stupidity, I opened the email up again and clicked the link. It just appeared to open up google.com search page. I stared at it a second and then closed the browser realizing what I had done. Do you think something could have been downloaded to my computer while on google.com?

Ansicht von 31 Antwort-Themen
  • Du musst angemeldet sein, um auf dieses Thema antworten zu können.