Blockchain analyst ZachXBT has highlighted that several Trezor hardware wallet users are receiving phishing emails, raising concerns about potential data breaches at the hardware wallet company.
Users, taking to social media platforms like Reddit and X (formerly Twitter), have reported receiving suspicious emails that direct them to a fake Trezor website, urging them to update their app.
For instance, ZachXBT identified user JHDN, who expressed concerns on X, suggesting a potential security breach at the hardware wallet service provider as a mail created solely for their Trezor account received the phishing mail.
In a similar vein, Reddit user Avid28193 also voiced apprehensions about a potential breach of Trezor’s customer database, saying:
“Someone apparently got a hold of Trezor’s customer database. I’ve been getting several emails and texts about a ‘firmware update’ for a month or so now.”
Trezor or Evri?
Meanwhile, some community members have questioned whether the leak originated from Trezor or its UK distributor, Evri.
Evri is one of the largest parcel delivery firms in the UK and is used by top retail brands like eBay, Amazon, and others.
An X user, TheCrypticWolf, pointed out that the breach might not have originated from Trezor because it automatically deletes its customer information after 30 days.
ZachXBT advised the community to be careful of the phishing campaigns, saying he was unsure if the breach occurred at Evri or Trezor. He wrote:
“Be careful this person just received a phishing email to the email address associated with their Trezor purchase. This was a fresh email specifically created for the purchase, and it was purchased 6 months ago. Seems like a potential data breach for Trezor or Evri (the UK delivery company which shipped the Trezor).”
Trezor and Evri have yet to respond to CryptoSlate’s request for comment as of press time.
Last year, more than 100,000 users of the hardware wallet service provider fell victim to a phishing email attack. Trezor attributed this breach to an insider compromising a newsletter database hosted on Mailchimp.