From Trezor Wiki
Jump to: navigation, search

Phishing is often used to obtain sensitive information, such as usernames, passwords, or credit card details, by pretending to be a trustworthy entity and tricking users into sending their private information. Phishing is often done in practice by sending e-mails to users pretending to originate from a legitimate source and luring them into entering their private information online. It is important to note that no service should ever ask for your private information, especially if the service approached you. When in doubt, always verify you are in contact with the legitimate party by contacting the source yourself.

WarningMalicious websites masquerading as the official Trezor Wallet might ask you to enter your recovery seed in your browser in the order specified by the website.

Do not enter your recovery seeds anywhere unless the physical Trezor device instructs you to do so and you confirm your choice on your Trezor. Always trust only the instructions on your Trezor device.

Trezor will never contact users to ask for private information. Most importantly, never give any of the following to an external party: your recovery seed words, your passphrase, your PIN, your E-shop password, and never provide remote access to your computer. When in doubt, contact Trezor support directly.

See also Phishing attacks used to steal your coins (recommended reading).

Like Trezor? Get one here!