Scam airdrop tokens appearing in your wallet

Have you encountered any phishing attacks on Trezor users? Report them in this topic please.

Recommended reading: Phishing attacks used to steal your coins

1 Like

Hello,

I have a Trezor T and have been good for several months but recently i was air dropped a token called abShiba.com into my wallet. How can i remove it, what do i need to be aware of, and should i buy a new trezor t to transfer all my other tokens too? Thanks!

I face the same problems 2 days ago. the abshiba just appear on my trezor t out of nowhere. what should I do???

Hi, the airdropped tokens do not pose any risk to the rest of your coins and tokens stored on Trezor.
You can either decide to ignore the tokens, or you can create a new wallet with your Trezor device and transfer your whole portfolio there, if you do not wish to have the airdropped tokens in the same wallet for some reason.

hello
Have you been able to solve the abshiba.com problem because the same thing happened to me?

@Roberto805490 see the post above, the tokens do not pose risk

Hi, I got an email that I thought was from Trezor that said you’d been hacked, I downloaded the update from https://suite.trezor.net/?id=Cgvi%2BITZdgBunGXniXCH3M2H%2FIglk1%2Br2GsYGbKr4DEib9iQRB0oiPMee6PMsnUS2C%2Bbng%3D%3D

and like an idiot I installed it before seeing that the email didn’t come from your domain. I did not enter my recovery phrase of course, that’s when I figured out I screwed up. What is the safest way to fix this? When I open Trezor now it goes straight to the malware and asks for my recovery phrase

1 Like

I received an email which looks quite legit and is a phishing attack. It takes you to a site where you download a fake app and your recovery seed is asked.

1 Like

Just got this email below…

From: Trezor <[email protected]>
Sent: Saturday, April 2, 2022 9:13 PM
To: xxxxx
Subject: Your Trezor Suite might be compromised

Dear customer,

We regret to inform you that Trezor has experienced a security incident involving data belonging to 106,856 of our customers, and that the wallet associated with your e-mail address ([email protected]) is within those affected by the breach.

Namely, on Saturday, April 2nd, 2022, our security team discovered that one of the Trezor Suite administrative servers had been accessed by an unauthorized malicious actor.

At this moment, it’s technically impossible to accurately assess the scope of the data breach. Due to these circumstances, if you’ve recently accessed your wallet using Trezor Suite, we must assume that your cryptocurrency assets are at risk of being stolen.

In the spirit of transparency, we wanted to make our customers aware of this incident before malicious actors could utilize this information to their detriment. We felt time was of the essence, and we are expediently working through our investigation.

If you’re receiving this e-mail, it’s because you’ve been affected by the breach. In order to protect your assets, please download the latest version of Trezor Suite and follow the instructions to set up a new PIN for your wallet.

Sincerely,

Trezor

DOWNLOAD LATEST VERSION <http://hg6g.mjt.lu/lnk/EAAAArsC-WUAAAAAAAAAAQmGDIsAAYCroHUAAAAAAAgR2QBiSPSfw9LWGCauRAm3xc5kVb9PDAAHrVk/2/BHHwnu9pTNpm1Rg-Xq5-uA/aHR0cHM6Ly90cmV6b3ItYW16bWFpbGVyLm14MS5pbmRlbWFiai5jb20vYW5hbHl0aWNzL2luZGV4LnBocD9pZD1XdFVrNFF6R2VZYkZySktyVFVZdUxyVzhVYlljWHBaZWJpemtEUmhnWHVyOWtpUUxKWFN1NWcwSFdSR1pzTUM5N3NVJTNE>

Copyright © 2022 Trezor / SatoshiLabs s.r.o., All rights reserved.

Our mailing address is:

Trezor / SatoshiLabs s.r.o.
Kundratka 2359/17A
Prague 8 18000
Czech Republic

1 Like

Dear Trezor users,
April 3, 2022 I received this mail from [email protected]


Dear customer,
We regret to inform you that Trezor has experienced a security incident involving data belonging to 106,856 of our customers, and that the wallet associated with your e-mail address is within those affected by the breach.
Namely, on Saturday, April 2nd, 2022, our security team discovered that one of the Trezor Suite administrative servers had been accessed by an unauthorized malicious actor.
At this moment, it’s technically impossible to accurately assess the scope of the data breach. Due to these circumstances, if you’ve recently accessed your wallet using Trezor Suite, we must assume that your cryptocurrency assets are at risk of being stolen.
In the spirit of transparency, we wanted to make our customers aware of this incident before malicious actors could utilize this information to their detriment. We felt time was of the essence, and we are expediently working through our investigation.
If you’re receiving this e-mail, it’s because you’ve been affected by the breach. In order to protect your assets, please download the latest version of Trezor Suite and follow the instructions to set up a new PIN for your wallet.
Sincerely,
Trezor
DOWNLOAD LATEST VERSION


The suggested link goes to
https://suite.trẹzor.com/
Note the little dot below the letter e in the address.
The link downloads a file
Trezor-Suite-22.4.0-linux-x64.AppImage
size: 149476960
file says: Trezor-Suite-22.4.0-linux-x64.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, stripped

I did not run the file, so I can’t tell you what it does, you understand I hope :slight_smile:

I just wanted to warn you.
I have not found a way how to contact Satoshilabs to report
this danger.

Best regards
Byk

1 Like

Hi Trezor Community,
Received a very convincing phishing email today that nearly got for 2 points, I am yet to receive my Trezor or set up my Trezor Suite… Only previous correspondence with Trezor is to purchase a Trezor hard wallet and receive newsletters…suggesting that either your database or maillist has been compromised…just sharing my experience to help identify source of the spear phishing.

Trezor <[email protected]>
Re: Your Trezor Suite might be compromised

Image

Dear customer,

We regret to inform you that Trezor has experienced a security incident involving data belonging to 106,856 of our customers, and that the wallet associated with your e-mail address is within those affected by the breach.

Namely, on Saturday, April 2nd, 2022, our security team discovered that one of the Trezor Suite administrative servers had been accessed by an unauthorized malicious actor.

At this moment, it’s technically impossible to accurately assess the scope of the data breach. Due to these circumstances, if you’ve recently accessed your wallet using Trezor Suite, we must assume that your cryptocurrency assets are at risk of being stolen.

In the spirit of transparency, we wanted to make our customers aware of this incident before malicious actors could utilize this information to their detriment. We felt time was of the essence, and we are expediently working through our investigation.

If you’re receiving this e-mail, it’s because you’ve been affected by the breach. In order to protect your assets, please download the latest version of Trezor Suite and follow the instructions to set up a new PIN for your wallet.

Sincerely,

Trezor

Copyright © 2022 Trezor / SatoshiLabs s.r.o., All rights reserved.

Our mailing address is:

Trezor / SatoshiLabs s.r.o.

Kundratka 2359/17A

Prague 8 18000

Czech Republic

1 Like

Thank everzone for reaching out.

Please see following post:

I just got this phishing email:

|Subject|Your Trezor Suite might be compromised|
|From|Trezor <[email protected]>|

Phil.

@philip_rhoades

Please do ignore/delete it.

It is a phishing domain.

Trezor, here is what I’m upset about. Yes, I got the same Phishing email that everyone else got. Here’s the issue. I signed up for your newsletter on your site using two separate emails. My normal email and a Hide My Email address email from icloud that I ONLY created for your mailing list. I have never used it anywhere else. And both of those email addresses got the phishing email. This means that TREZOR allowed someone access to your mailing list. Someone inside or outside of your company has circumvented your protective measures of your mailing list. This is a big issue to me. It means you do NOT have enough safety mechanisms in place to protect my information in your system. You are not taking enough proactive and protective steps to ensure the safety of your mailing list. This should not have happened, especially by a security company. PLEASE solve this problem. Please implement STRICT security measures to protect your customers’ contact info. You have failed to do this. Nobody should have been able to exploit this. I’m really disappointed that you allowed this to happen. Step it up.

2 Likes

Hello,
I have new coins on my Trezor wallet.
Could you tell me how to remove it, if they are scams ?

ETH2FORK(point)
CLAIM REWARDS [XENREWARDS(point)ORG]

3 CLAIM REWARDS AT [XENREWARDS(point)ORG]
$ USDCBONUS(point)C VISIT TO CLAIM BONUS

7 $ USDCBONUS(point)C VISIT TO CLAIM BONUS
$ USDCGIFT(point)C VISIT TO CLAIM BONUS

Thanks for your reply

Hi @Teddy87,

I believe these are ETH tokens, either from airdrops or scammers, so I moved your post into this thread. You can’t remove them so just ignore them. They are in the blockchain, not in your wallet, so they can’t do any harm. Please also read the first post in this thread and subsequent posts for more information.

1 Like

Hey @Teddy87,
these tokens can’t be removed completely. We are working on a possibility to hide such tokens. This feature will be available in one of the next releases. No set date yet.


Is this one of the scam tokens?

yes, the last one at the bottom.