Phishing and vishing are ways that cyber attackers trick users into revealing sensitive information. Trezor users are often targeted with fake emails, websites, or phone calls that appear to be from Trezor. Attackers may ask users to enter their seed phrase, provide login credentials, or connect their device to a malicious website.
Once attackers have access to private keys, they can transfer funds to their accounts, leaving victims with nothing. To avoid falling victim to these scams, always double-check the authenticity of any communication or website and keep software and firmware up to date.
By keeping these additional tips in mind and following the original ones, you can protect yourself from phishing scams and keep your digital assets safe.
One way to ensure that you are accessing a legitimate Trezor web wallet is to bookmark it in your browser. This will allow you to quickly access the site without having to type in the URL each time. Make sure to only bookmark web wallets that are known to be legitimate and trusted, such as https://suite.trezor.io/web. By doing so, you can reduce the risk of falling victim to a phishing scam and keep your digital assets safe.
To ensure that you download the genuine Trezor Suite application and avoid falling victim to phishing scams, it is crucial to only download it from the official Trezor website at https://trezor.io/trezor-suite.
Moreover, you can always confirm the legitimacy of the application by following the steps outlined in this article. By doing so, you can confidently use a legitimate and secure version of Trezor Suite.
By creating a unique, strong passphrase, you make it harder for attackers to gain unauthorized access to your account even if they obtain your recovery seed. Keep your passphrase confidential and separate from your recovery seed to enhance your security against phishing attempts. Never share it with anyone! For Model T users we suggest typing your passphrase on the actual device using the touchscreen, and rememebr your Trezor will always ask for conformation on the device's screen.
If you receive a message claiming to be from Trezor via text message, WhatsApp, Telegram, phone call, or postal letter, treat it as a phishing attempt. Report the message as spam and block the sender immediately. Trezor will never contact you through these methods. Exercise caution with unsolicited communications and verify their sources. Report any suspicious activity to Trezor's official channels. Stay vigilant and safeguard your digital assets.
Your recovery seed is the key to your digital assets and should be kept confidential at all times. Sharing it or making digital copies can put your assets at risk, as they may become accessible to hackers or unauthorized individuals. To ensure the security of your investments, store your recovery seed in a safe and secure location, away from prying eyes. Protect your digital wealth by keeping your recovery seed private.
Authentic SatoshiLabs domain names:
Some phishing attempts try to trick you into believing that your Trezor device will be 'deactivated' or 'blocked' due to KYC (Know Your Customer) reasons. However, Trezor is not able to 'block' or 'deactivate' your device. Any request asking you to do so is fraudulent.
To report a phishing message, simply type “I want to report phishing” to Hal and follow the instructions. Hal will guide you through the process of reporting the message and provide you with any additional information you may need. By reporting phishing attempts, you can help protect other Trezor users and prevent cyber attackers from stealing digital assets.
Additionally, it's recommended to keep an eye on our official forum for any news or updates concerning security.
You can find the forum here.
By taking these precautions outlined in this article and staying informed, you can enjoy the security and peace of mind that comes with using your Trezor.