This one got me and I did start googling frantically to see if this was true…
Sent using email address “[email protected]” and link goes out to http://[redacted].trackstreet.com
I’ve been getting these also. Newest one today is a variation and is well written.
The irony is that the new one is talking about the previous ones and is trying to nudge you into " protecting yourself " from the other scams. Bold jokers.
The original email has an actual address of " [email protected] " not Trezor.
Rodg
@isa56k @RuthlessRodg Thank you for sharing these examples of phishing emails.
As you mentioned, these emails contain links to phishing websites. A phishing website is designed to lure users into entering their wallet backup (recovery seed) online. These websites appear to offer a solution to a fabricated technical problem, but they actually steal the information entered.
Once scammers have the wallet backup, they can access and drain the user’s funds. Be cautious and never enter sensitive information on unfamiliar websites.
Phishing emails are usually sent from fake domains such as “trezor.us” or “trezornews.io”. Our official domain is “trezor.io.” Before clicking any links in an email, it’s important to verify the sender’s address to ensure the email’s authenticity.
Sometimes phishing email will include information about unauthorized access to your Trezor account. Please note that Trezor owners do not have user accounts. Even if you make a purchase in our e-shop, your email address will not be used to create an account, and it will be anonymized after 90 days.
More information can be found in our Knowledge Base and Trezor Blog:
- Common scams and phishing affecting Trezor users
- Phishing attacks used to steal your coins (recommended reading) | by SatoshiLabs | Trezor Blog
- Phishing attacks and how to stay safe | by SatoshiLabs | Trezor Blog
General guidelines on how to protect yourself from phishing attacks can also be found in these videos on our official YouTube channel:
- https://youtu.be/7IJzv3LOqUw?si=BV65uuFblPeIzguL&t=98
- https://youtu.be/_E643HFwAK8?si=cUHI-55jjqte_hPx
It is essential to understand that you should never reveal your wallet backup. It is the key to your crypto and it should always be kept offline and private.
- Never enter it into a website, form, or app.
- Only enter it directly on your Trezor device.
- No legitimate service — including Trezor Support — will ever ask for it.
- If someone does, it’s a scam. Stay sharp!
If your device is stolen, lost, or damaged, you can always use your wallet backup to recover your wallet on another device. This is the reason why wallet backup is so important and it should never be stored online or typed anywhere online. Please, find more information about the importance of wallet backup at:
Only enter your wallet backup if you are directly asked for it by the trusted display of your Trezor device.
We are actively working on disabling the phishing site and researching ways to prevent future abuse. We truly appreciate your vigilance. If you are ever unsure about a message, feel free to double-check with us. We are here to help!