Crypto wallet TREZOR is warning users of a potential phishing scam that has resulted in the temporary halting of email communications with users.
Trezor says in a that an insider at the email marketing company MailChimp compromised the service, targeting crypto firms.
“MailChimp have confirmed that their service has been compromised by an insider targeting crypto companies.
We have managed to take the phishing domain offline. We are trying to determine how many email addresses have been affected.”
The hardware wallet firm that it will cease sending out its newsletter until the breach is addressed. Trezor also says that users should desist from opening emails purporting to come from the crypto wallet company.
“We will not be communicating by newsletter until the situation is resolved.
Do not open any emails appearing to come from Trezor until further notice. Please ensure you are using anonymous email addresses for Bitcoin-related activity.”
The hardware wallet firm also it has managed to take the phishing domains that it has identified offline.
“Domains trezor(.)us and suite(.)xn--trzor-o51b(.)com has been taken down.”
Phishing attacks targeting cryptocurrency users typically have the goal of compelling targets to disclose sensitive information such as their wallet seed phrase or passwords. Once the scammers obtain the information, they go on to drain the crypto assets from the target’s wallet.
The security breach announced by Trezor comes at a time when cryptocurrency scams are on the rise.
According to blockchain analytics firm Chainalysis, scammers made away with $14 billion worth of crypto assets in 2021, a 79% increase from 2020. The blockchain analytics firm noted that scamming comprised the largest form of crypto-related crime last year, ahead of outright crypto thefts.
