How to protect your crypto from scams
Weâve seen a sharp rise in phishing scams across the crypto space, some specifically targeting Trezor users.
Some of these scams are disturbingly convincing. They impersonate exchanges, Trezor Support, other hardware wallet brands⊠even Trezor team members!
Given the nature of self-custody (you are in full control), we think itâs important youâre fully aware and informed about these threats and how to keep your crypto secure.Â
Hereâs what weâre seeing:Â
- Fake emails with subject lines like âAI Wallet Updateâ, âSecurity Incidentâ, or âCritical Vulnerabilityâ
- Scam phone calls pretending to be Trezor support and other brands
- Counterfeit Trezor devices listed on specific retail sites
- Phishing ads pretending to be Trezor
- Fake Trezor apps and imposter websites
- Fake social media profiles impersonating our teamÂ
The most common pattern?Â
Phishing emails are often sent from legitimate email platforms.
They use trusted-sounding domains from compromised or misused accounts.
They look real.
But theyâre not.
Whatever you do, please remember this:
This means that you should never manually type your wallet backup into your computer or phone, and itâs never needed for security updates.
This will only happen if your Trezor is lost, damaged, youâre checking your backup, or youâre setting up a new one. These situations are extremely rare.
Most people havenât used their wallet backup after the day they set up their hardware wallet, and thatâs quite normal.
Recovering a wallet is uncommon, so if anyone is prompting you to do it, it should immediately raise suspicion.
*For the original Trezor Model One, you do type the wallet backup manually, but itâs only when you recover your wallet, when your device is connected to Trezor Suite. The device will prompt you for which word should be entered and which position.*
Scammers often try to make it look harmless, asking for a ârecovery keyâ, âbackup codeâ, or âpassphraseâ.
They may even disguise it as a âbug fixâ, âlog inâ, or âsecurity checkâ.
Itâs still your wallet backup.
And it should never be shared. Ever.
This also applies to anyone asking for passwords, 2FA codes, or any personal information. All are clear red flags of a scam.Â
Feeling rushed or pressured? Step back.
Scammers rely on fear, panic, and urgency to cloud your judgment.
If you receive a message about your crypto that makes your stomach drop or demands fast action:
- If itâs a call, hang up.
- If itâs a DM, ignore it.
- If itâs an email, close the tab.
Even experienced users have fallen for these scams, and most victims immediately realized something was wrong after sharing the keys to their crypto.
Take a breath. Think it through. Verify the information on your terms.
If your wallet backup is safe, secure, and offline, have confidence knowing your crypto is in your control.
Our official emails are sent from noreply@trezor.io, and our authentic site domain is @trezor.io.
Scammers often use similar-sounding domain names, but itâs easier to filter if you verify the address.
Even so, always stay vigilant.
ÂNever share your sensitive crypto information with anyone, no matter how legitimate they seem, even if the domain looks official.
You will only ever download Trezor Suite from the official site, and that happens very rarely: usually once when setting up your Trezor and maybe a second time if you get a new computer.
Hereâs what weâre doing to fight these scams:
- Working with our anti-phishing service provider Phishfort to remove phishing sites, averaging 48.79 hours per takedown over the past 6Â months
- Reporting scam domains used in attacks
- Submitting legal escalations to retailers with fake product listings
- Reporting phishing ads to our account team for takedown
- Updating Trezor Suite and trezor.io with phishing alerts
We take this very seriously and will continue fighting against these scams.
Thank you for securing your crypto with Trezor.
Take control.
Stay in the loop with our Trezor newsletter
Want insider offers, product news, and crypto insights delivered to your inbox?
Join our newsletter and stay updated!
Thanks for reading! If you enjoyed this article, give it a clap (or a few!) and drop a comment belowâââweâd love to hear your thoughts. Donât forget to follow for more insights and updates on the exciting world of crypto security.
Stay secure, and see you next time!
Crypto phishing on the rise: protect your Trezor and wallet backup was originally published in Trezor Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.