Mail phishing attacks targeting Trezor and Ledger users resurface

A mail phishing campaign targeting users of Trezor and Ledger hardware wallets has resurfaced, Cointelegraph reported. Security expert Dmitry Smilyanets stated on Feb. 13 that he received a letter impersonating Trezor. He explained that the document demanded an "Authentication Check" and prompted him to scan a QR code. The code reportedly leads to a phishing site disguised as an official page, designed to steal users' seed recovery phrases. Both Trezor and Ledger have consistently emphasized that they will never ask for a user's seed phrase under any circumstances. The attacks are possible due to past data breaches at both companies that exposed customer information, including physical addresses. In January 2024, Trezor announced that the contact details of approximately 66,000 customers had been compromised.