Techradar reports A new phishing campaign has been discovered targeting cryptocurrency hardware wallet firm Trezor.
These wallets allow crypto users to store their funds offline, rather than in a “hot wallet” (a mobile or desktop app), or with a third party (an exchange, a custodial service, or a lending/borrowing firm). Hardware wallets, also known as “cold wallets” are generally perceived as a much safer way to store cryptocurrencies, compared to the alternatives. That also means that whoever is serious about cryptocurrencies (and has a substantial amount) will probably hold it in cold storage, making Trezor users an attractive target for cybercriminals.
Wallets kept offline are often viewed as far more secure than hot wallets or exchanges. However, these wallets are far more attractive to cybercriminals due to them usually storing far more in the way of digital assets.
Much like with initial banking frauds, SMS messages are a standard way to initial communication with unsuspecting victims. When caught off guard by a legitimately looking text message, it can be easy to be led through a series of steps in order to help “protect” funds.
But if anyone is ever requested to hand over their recovery seed, alarm bells should ring and it is vital that it is not divulged, however convincing the messages are.
ESET Ireland 