Trezor Warns Users About New Phishing Scam Wave

On August 8, 2025, Trezor sent out an email to customers. The company said there’s been a noticeable jump in phishing attacks. These scams are going after people who use Trezor wallets and other crypto services.

In the note, Trezor explained how the attackers work. Some pretend to be part of the company. Others act like they’re from exchanges or different wallet brands. The methods change — sometimes it’s a fake email, other times a phone call, a fake ad, or even a fake app or social media account. All of it is meant to trick you into giving away your keys.

What Trezor Has Seen Lately

The email listed a few of the more common tricks:

• Emails with urgent titles such as “Security Incident” or “Critical Vulnerability.”
• Scam calls pretending to be tech support.
• Counterfeit Trezor devices being sold online.
• Ads made to look like they’re from Trezor.
• Fake apps and cloned websites.
• Social accounts pretending to be staff.

Trezor’s main reminder was simple: never type your recovery seed into a computer or phone. The only time you should enter those words is on the device itself, and only when you’re restoring a wallet. That’s rare. If anyone asks for those words — even if they call it a “backup code” or “passphrase” — it’s a scam.

Signs You Might Be Dealing With a Scam

The email said scammers often try to make people feel rushed. They want you to panic. That’s when mistakes happen. The advice was:

• If a call feels off, hang up.
• If a DM seems strange, ignore it.
• If an email looks wrong, just close it.

If your recovery words are stored safely and offline, your crypto is still yours.

They also pointed out the need to double-check where messages come from. Real Trezor emails come from noreply@trezor.io. The official site ends with @trezor.io. Even if something looks right, it’s safer to type the address into your browser yourself.

What Trezor Says It’s Doing

Trezor explained that it’s working to limit these scams. They said they are:

• Working with Phishfort to get phishing sites taken down. On average, it takes about two days.
• Reporting bad domains.
• Filing legal notices to remove fake product listings.
• Flagging phishing ads for removal.
• Adding alerts to Trezor Suite and their main website.

They finished by saying their email database hasn’t been leaked. The phishing attempts are part of a wider trend in the crypto world, not just aimed at them.

This Isn’t the First Time

Earlier this year, Trezor sent out a similar warning about a different kind of phishing. In that case, attackers used Trezor’s own contact form. They filled it in with someone else’s email address so that the person would get an automated reply. That reply made the phishing look like it came straight from support.

The company stopped that method quickly, but the August update shows the scammers are still trying new things.

Staying Safe

The advice is the same for anyone holding their own crypto:

• Keep your recovery words somewhere offline.
• Don’t give them to anyone.
• Don’t let urgent messages push you into fast action.
• Check every email and link carefully.
• Only download Trezor Suite from the real site.
• Let Trezor know if you see something suspicious.

---