Hackers Exploit Trezor Support Form in Phishing Attack

The hardware wallet manufacturer Trezor has issued a warning regarding a phishing attack conducted through the contact form on its official website.

Important Update

We have identified a security issue where attackers abused our contact form to send scam emails appearing as legitimate Trezor support replies.

These scam emails appear legitimate but are a phishing attempt.

Remember, NEVER share your wallet backup — it must…

— Trezor (@Trezor) June 23, 2025

Attackers sent support requests impersonating users, triggering an automatic response from Trezor to clients’ emails. Subsequently, the fraudsters sent a phishing email that appeared as a continuation of the support correspondence.

The company emphasized that its systems were not breached. Hackers exploited the form but did not compromise it. The issue has already been addressed.

The Trezor team reiterated that seed phrases should never be shared. Company representatives stressed that employees never request this information.

Earlier, hackers compromised Cointelegraph’s frontend. They injected malicious code that displayed a phishing window offering a fake airdrop.