Key Takeaways
- Hackers exploited Trezor’s website contact form to send phishing emails impersonating customer support.
- Trezor urges users to avoid disclosing wallet backups or seed phrases via email and remain vigilant.
Share this article
Hardware wallet maker Trezor issued a security alert today, warning that hackers have exploited its website contact form to impersonate customer support and send phishing emails to users.
Important Update
We have identified a security issue where attackers abused our contact form to send scam emails appearing as legitimate Trezor support replies.
These scam emails appear legitimate but are a phishing attempt.
Remember, NEVER share your wallet backup — it must…
— Trezor (@Trezor) June 23, 2025
The company confirmed the security breach had been contained. Trezor emphasized that it never requests wallet backups from customers through email communications.
The attack involved hackers using the website’s contact form functionality to send fraudulent messages appearing to come from official Trezor support channels. The phishing emails likely targeted users’ sensitive wallet information and backup phrases.
Trezor urged customers to remain vigilant against suspicious communications requesting private keys or seed phrases.
The incident came after CoinMarketCap’s front end was compromised on June 20, displaying unauthorized pop-ups asking visitors to verify their crypto wallets.
Cointelegraph also confirmed a front-end hack on its website on Monday, which displayed phishing pop-ups promoting a fake token airdrop, tricking users into connecting their wallets.
Share this article
