All Crypto Stolen From Phishing Scam Within Trezor Wallet

I just had over $29,000 in crypto stolen from my Trezor Wallet. I believed it would be extremely secure there. Today, when I updated the wallet, I noticed a message: “Visit GALATOKEN dot ORG to claim rewards.” It was under the Etherium ECR-20 tokens section (I can provide a screen shot). I assumed it was some kind of token distribution, I thought, “Trezor is highly secure; there’s no way there could be a phishing scam on the device itself.” I reasoned, “If it’s stated on the Trezor wallet, it must be legitimate.” Regrettably, I visited the website that was stated on the Trezor wallet. When the website prompted me for my passcode (seed phrases) to connect, I provided it. Within a minute, all my cryptocurrency was gone. They had my seed phrases and stole everything.

I was naive. I believed Trezor wallets were infallibly secure. Never did I imagine there could be a phishing scam within the wallet itself. I’ve just submitted a ticket (Ticket ID: 210315).


I got same problem february 6th everything was stolen and I have much more that you have… I’m very disappointed for that and it change alo my life in woirst of course. I neve imagine that trezor wallet was so easy to break…

1 Like

I feel sorry for you. Really sorry…
I know it’s easy for me to say this now after the event…

But, the golden rule with any wallet is:
never type your seed phrase into a website, or anything like that.

Once you initially setup your hardware wallet and it gives you the seed on screen to write down, you never use the seed again, unless you break the hardware wallet and need to recover your funds onto another wallet. There are NO exceptions to that rule. (well at least none I know of)

If people want to send (airdrop) stuff to you, they only need the public address. If they want more, probably they are going to steal from you.


You are right. I own that. However, I naively trusted the Trezor wallet. I would never have thought there could be scams that would exist in the app itself. It just never crossed my mind. I knew not to do that online in general. How could anyone trust the Trezor app if they could allow phishing links in the wallet itself? Now I know that Trezor can’t be trusted in that way. Now I know they could allow phishing scams to be on the app itself. And, I will make this fact known.

1 Like

The trezor app just pulls down the same blockchain data as blockscan and others do, so the issue is with the data against your account on the blockchain itself. Not sure they could do much about this.

Trezor devices actually are infallibly secure. These scams are a feature of the Ethereum network itself, as there is no cost for the attackers to execute such scams. The only way how to avoid this type of scam is not to interact with the websites in the transaction history. When you give away the recovery seed backup to the attackers, you are giving them total control over your wallet.

Trezor wallet is actually not possible to break. What you are mentioning, is giving away your recovery seed backup to the attackers and therefore giving them total control over your wallet.


what actually happened was you said to a fake airdrop " yes you can move my funds "
this is not just a problem with trezors its a problem of wallets scammers hoping you will hit click :frowning:

i would like to see a a "HIDE ALL TOKENS " this would mean your safer @forgi