CRYPTO

Beware of Deceptive Crypto Wallet Emails!

Wed Oct 22 2025

A phishing scam attempted to deceive users by impersonating Trezor, a company known for its secure crypto wallets. The email, with a subject line designed to instill fear, read:

"Quantum Vulnerability Disclosure."

The email claimed there was a new update for Trezor wallets to protect against fake threats from "quantum technology." It urged users to update their devices immediately to keep their information safe.

The Catch: A Hacked Substack Account

The email was not from Trezor. Instead, it originated from a hacked Substack account belonging to Greg Lockard, who runs a comic book newsletter. Hackers exploited a feature that allows creators to add emails to their list without confirmation, sending phishing emails even to non-subscribers.

Exploiting a Security Flaw in Trezor's Support Portal

The hackers also took advantage of a security flaw in Trezor's support portal, which was compromised earlier in 2024. If users clicked on the "Upgrade Firmware" button, they were redirected to a fake website called quantumshield-trezor.

continue reading...

questions

    Will hackers start using quantum computers to guess the last slice of pizza in the office fridge?
    How can users better verify the authenticity of emails claiming to be from reputable companies like Trezor?
    What are the ethical implications of using fear tactics, such as fake quantum vulnerabilities, in phishing emails?

actions

flag content