Here's How You Can Protect Yourself Against Phishing as Trezor is Attacked

cryptonews.com:

Trezor, a popular Bitcoin (BTC) hardware wallet, has revealed that its newsletter has been compromised, warning users of phishing attacks -- but the team's chief information security officer (CISO) shared tips on how to stay crypto-safe just days earlier.

The incident comes several days after Jan Andraščík, CISO of SatoshiLabs, the team behind Trezor, published a detailed guide instructing crypto users on how to improve their security. In the article, Andraščík shared 10 tips that could lower "your chances of being attacked."

In the first place, he emphasized the importance of having strong, unique passwords. He suggested passwords be 12 or more characters and include both lowercase and uppercase characters, digits, and special symbols.

Secondly, he recommended the use of multifactor authentication. There are various types of multifactor authentication, but SMS authentication and software-based authentication are the most widely used methods.

Other tips include:

The company confirmed the attack in a Sunday morning tweet, saying that they are "investigating a potential data breach of an opt-in newsletter hosted on MailChimp."

Trezor warned that:

"A scam email warning of a data breach is circulating. Do not open any email originating from [email protected], it is a phishing domain." 

Some Trezor users took it to Twitter early Sunday to reveal a suspicious email they received from Trezor via their registered email addresses.

The email claims that the company has “experienced a security incident” that breached the data of 106,856 users. It then asks users to download Trezor's latest version, which is actually a version of the company’s desktop suite software from a replica website.

In the latest update, Trezor said "MailChimp has