Trezor’s support platform abused in crypto theft phishing attacks www.bleepingcomputer.com/news/secu…

Trezor is alerting users about a phishing campaign that abuses its automated support system to send deceptive emails from its official platform.

The company’s support site allows anyone to open a ticket using any email address and subject line. The system then replies automatically, sending a case number and using the submitted ticket title as the email subject.

Attackers abuse this feature by submitting tickets with titles containing urgent phishing messages, such as “[URGENT]: vault.trezor.guide - Create a Trezor Vault now in order to secure assets who may potentially be at risk.”

Users who were tricked into visiting the domain on their browsers were taken to a phishing page asking for their wallet seed.