Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Phishing is a way that cyber attackers trick users into revealing sensitive information. Think of it like fishingâââjust that, in the case of phishing, youâre the catch đŹ. Specifically, your data, contact information, passwords, and in the case of hardware wallets, recovery seeds.
Trezor users are often targeted with fake emails, websites, or phone calls that appear to be from Trezor. Attackers may ask users to enter their seed phrase, provide login credentials, or connect their device to a malicious website.
Just remember. Under no circumstance will any Trezor representative seek your recovery seed, over email, customer support, website, or any form of communication.
How Phishing works
Getting back to fishing. How does that work? You set a bait on a hook, cast your line, and wait for a fish to bite.
Phishing operates on a similar principle:
- The Bait: The scam begins with a lure. This could be an email, DM over social media channels like Twitter or Telegram, or a website. These may mimic the style and branding of a legitimate company or service, complete with logos and official language.
- The Hook: This bait contains a hook, which in most cases is a link that the target user is encouraged to click. The link will direct the user to a fake website or form where theyâre asked to enter personal information. Think passwords, recovery seeds, and so on.
- The Catch: If the target user takes the bait and enters their information, the phishing attempt is successful. The sensitive data is then used for fraudulent purposes. For example, if a recovery seed is stolen, the malicious actor can drain a wallet of its crypto holdings.
Remember, the ultimate goal of a phishing attack is to convince users to reveal information that can be used to take over their accounts. In crypto, thatâs usually your recovery seed. The good news is that they can be avoided by being disciplined about the information you share, online and offline.
Stay vigilant
- Do not enter your recovery seed anywhere unless in your Trezor device upon recovery.
- Under no circumstance will any Trezor representative seek your recovery seed, over email, customer support, website, or any form of communication.
- Users who are uncertain about the proper behavior of their wallet are more than welcome to contact our support at https://trezor.io/support.
- Never share your recovery seed with anyone. If you receive any communication that asks for your seed phrase, itâs likely a phishing attempt, and we ask that you contact our official support channel.
Hereâs more on phishing attacks,
Phishing attacks and how to stay safe
What is a Phishing attack? Stay vigilant at all times was originally published in Trezor Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.