In the list of tokens section that I own as shown in my Trezor suite the following link (which I’ve modified a bit as links are not allowed to be posted here) has shown up:
$ VISIT BITUNI SITE TO CLAIM - $ bituni site
3,000 $ VISIT BITUNI SITE TO CLAIM
Hi, today when I logged in to my trezor I saw a new transaction with a message ‘‘Received $ VISIT (website url) TO CLAIM
+3,000 $ VISIT (website url) TO CLAIM’’ and it’s still under tokens in ethereum. I want to remove it but I don’t know how? Please be careful if you receive any transaction just like this… It’s annoying that it’s still in my trezor suite app, any solution would be highly appreciated!
Until “ignore token” or token blacklist/whitelist feature is implemented it is HIGHLY advised NOT to interact with airdropped scam tokens as you can loose your entire funds. You can either ignore them or just move your funds to brand new wallet/address. But remember to never interact with such airdropped tokens.
Thanks so much for your very quick reply. I was under the impression that my wallet would be secure and outside influences unable to leave messages there. I’m glad I checked in here first and did my research before connecting my wallet to anything odd. Finding a message actually inside my Trezor hard wallet made me think it must be something to do with Trezor - clearly not.
I really appreciate your response thank you and seasons greetings.
I deposited some Jasmy coins into my wallet. I then saw a new slot indicating I have 8,000 free coins and to go into a non-trezor website. I ejected my trezor and then restarted my windows pc and trezor suite was gone. It said it had been changed and moved.
Any update on the feature to hide such scams? 1st report was over one year ago, I’ve been reasurred trough email that a fewture is in the works 4 months ago and I’ve seen no progress.
Most of these are getting smart now, they use the attack vector of you trying to "move or delete them by sending to 0x000) and in the progress they REQUIRE a smart contract approval which is later used to drain your account on ethereum.
I’ve written on ethereum github a feature proposal to add a way to remove such coin without contract interactions and they refuse to do so, same way you’re refusing to improve trezor.
Other wallets such at Metamask are already implementing whitelists with the coins that show up on your wallet.
On top of this the recent news about “address poisoning” which targets the users that copy address from transaction logs and don’t verify the entire address by trying to match 1st and last digits your address has.
I love trezor and I’ve using it since day one, but, postponing this features is unjustified and rises serious questions.