With the popularity of the digital asset space, the number of copycats, scammers, and website spoofers have only gained traction and were emerging out almost every day. The community, once again, woke up to a fresh phishing attempt. This time, the fraudulent entities masqueraded as the team behind the hardware wallet, Trezor, and sent a text message to several individuals urging them to update their wallet stating that their wallet has been disabled further adding a phishing link.
The message, in question, uses a misspelled with a zero instead of an O and looks something like this:
“Your TREZ0R Wallet has been deactivated. You are required to pass verification due to the new KYC regulations: <phishing link removed>”
1/ Public Security Notice:
Several of our trading students got this scam text message pretending to be @Trezor. DO NOT click on it!!!
"Your TREZ0R Wallet has been disabled. You are required to pass verification due to the new KYC regulations: https://t.co/vyYvxOoiP2
— Tai Zen (@HeyTaiZen) December 13, 2020
Popular Bitcoin proponent Andreas Antonopoulos provided more clarity and revealed that the new phishing attack appeared to originate from the same database that was stolen from Ledger. He went on to add,
“The same [fake] name and the number appear for me. It seems to be unrelated to Trezor, other than the attackers using that name in their new phishing campaign.”
While neither Ledger nor Trezor has yet commented about the whole affair, it is, however, important to note that the sales database breach has nothing to do with the security of the hardware wallets, something that was also stressed by Antonopoulos while responding to a query on his original Twitter post.
With the growing popularity of this space, the number of phishing cases has grown tremendously. Day in and day out, attackers are leveraging spoof websites and hijacking URLs, putting up a sting site, or a fake URL to steal users’ cryptocurrencies.
The latest news just days after Trezor tweeted out a warning to all its Android users owning Trezor devices about an Android app that was pretending to be the official app. It confirmed that the app was a scam and has no relation to SatoshiLabs and Trezor. The team behind the hardware wallet also revealed reporting it to the Google team. Soon after which the malicious app was removed from the PlayStore.