Phishing is often used to obtain sensitive information, such as usernames, passwords, or credit card details, by pretending to be a trustworthy entity and tricking users into sending their private information. Phishing is often done in practice by sending e-mails to users pretending to originate from a legitimate source and luring them into entering their private information online. It is important to note that no service should ever ask for your private information, especially if the service approached you. When in doubt, always verify you are in contact with the legitimate party by contacting the source yourself.
Trezor will never contact users to ask for private information. Most importantly, never give any of the following to an external party: your recovery seed words, your passphrase, your PIN, your E-shop password, and never provide remote access to your computer. When in doubt, contact Trezor support directly.