Last checked: October 1, 2025
Status: Reported

What this report means and what to do next

Phishing is a type of online fraud where attackers create fake pages or messages that look like a legitimate service in order to trick you into sharing private information — such as passwords, private keys, recovery phrases, or payment information. Because cryptocurrency hardware wallet providers like Trezor are a focus of high-value targets, phishers often create convincing imitations of download pages, support portals, or account login screens. This page is an informational warning: the address you visited has been reported as suspicious and should not be trusted.

If you landed here while trying to access your hardware wallet or account, do not attempt to enter any credentials, seed phrases, or install anything from this page. Malicious pages may ask you to "restore" or "verify" your recovery seed — those are clear red flags. Legitimate wallet providers never ask for your recovery phrase through a website. Treat any request to reveal or type your seed phrase into a web page as an immediate sign of compromise.

Steps to protect yourself: first, close the suspicious tab and clear your browser cache. If you already entered sensitive data, immediately assume that data is compromised: change passwords for the affected accounts and revoke any exposed keys or API tokens. For crypto wallets, if a seed phrase may have been exposed, transfer funds to a new wallet whose seed was created securely offline, and consider contacting the wallet provider's official support for recovery guidance.

How to confirm the real Trezor site: check the browser address bar for the exact domain (trezor.io), ensure the page uses HTTPS, and click the padlock to inspect certificate details. Bookmark official pages you use often, and access them only from those bookmarks or via known official channels. Be cautious of search results and third-party links that might lead to impostor pages.

Reporting suspicious pages helps protect others. Use your browser's built-in phishing report feature or report the URL to safe-browsing services. If you saw a message claiming to be from Trezor asking for recovery data, treat it as fraudulent and report it to official Trezor support channels.

Quick checklist: Do not type recovery phrases anywhere on this page — ever. Verify the domain is trezor.io. Use bookmarks to reach official pages. Report suspicious URLs immediately.
Official site: https://trezor.io
This page is an informational warning only. If you are the site owner and believe this is an error, contact your hosting provider and the browser safe-browsing service that flagged you.