Watch out for this elaborate eBay/Trezor phone scam (02079730237 / trezorreview.io)

via Cryptocurrency News & Discussion https://www.reddit.com/r/CryptoCurrency/comments/1tv11yc/watch_out_for_this_elaborate_ebaytrezor_phone/

Just wanted to give a heads up about a really targeted phishing scam I just dealt with. If you've ever bought a hardware wallet off a third-party site like eBay, definitely read this.

I bought a Trezor Safe 5 off an eBay seller (nicksbargains1961) back in September. It arrived completely sealed and at factory settings, but I still wiped it and generated a new seed immediately just to be safe. Fast forward 9 months to today, and I get a random call from a UK number (02079730237). The guy claims he's from eBay. He knew my full name, the exact Trezor I bought, the date, and the seller's username. He tells me they've had reports of compromised wallets from this specific seller and then "transfers" me to a Trezor rep.

The second guy tells me I need to plug my wallet into my phone because it "needs power to read the NFC chip" (lol). He directs me to a fake diagnostic site: trezorreview.io. The site actually looked pretty legit and immediately threw up a massive red warning saying "Device Memory Corruption Detected" and told me I needed to repair it right away.

Obviously, to "repair" it, the site asked me to type in my recovery seed phrase. Since I had the scammer on the phone walking me through it, I decided to string him along. When the site asked for the words, I just typed in: FUCK OFF YOU SCAMMING CUNT DO YOU THINK IM FUCKING RETARDED CUNT.

The guy hung up on me instantly.

The smartest part of their scam is that they waited 9 months to try it. That means the 60-day window to leave negative eBay feedback is totally gone, so I can't even warn other buyers on the seller's profile. It also makes you drop your guard since the device looked perfectly sealed and legit upon arrival. Just a reminder that if you buy from eBay, assume your name, phone number, and purchase history are going to end up with scammers. Never type your seed phrase anywhere except the physical device. Stay safe.

submitted by /u/FeatheredFox92

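Title: Beware of this professional-looking eBay/Trezor phone phishing scam

I recently came across a highly targeted phishing incident and am sharing it with everyone who has bought a hardware wallet on a third-party platform, so that others do not make the same mistake. The incident centers on a phone scam that looks professional but is highly deceptive, and on a fake diagnostic site.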

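Summary
– The victim's purchase: a Trezor Safe 5 bought on eBay from a seller with the username "nicksbargains1961". The device arrived in good condition and still at factory settings, and it was proactively wiped and re-initialized with a new seed to be safe.
– The alert arrives: about nine months later, a call came in from a UK number, 02079730237. The caller claimed to be from eBay and could state the victim's name, the exact model purchased, the transaction date and the seller's username. He claimed there had been reports of "tampered wallets" involving this seller, then transferred the call to someone claiming to be a "Trezor representative".
– The fake diagnostic step: the second person, claiming to be a Trezor representative, said the device needed to be connected to the phone to "power the NFC chip", and directed the victim to a fake diagnostic site, trezorreview.io. The site looked fairly legitimate and displayed an error message such as "Device Memory Corruption Detected", claiming an immediate repair was needed.
– Phishing for the seed phrase: the diagnostic site asked for the recovery seed phrase. Guided by the caller, the victim pretended to "cooperate" but chose to type a provocative message at the caller instead, at which point the caller hung up immediately.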

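Analysis and key takeaways
– Psychological manipulation through a shifted time window: the scammers chose to strike a long time after the victim's transaction with the seller, so that they could not be quickly flagged within eBay's negative-feedback window. This shows the scammers had fairly deep knowledge of the transaction details and are good at choosing a vulnerable moment to attack.
– Disguised professionalism: the fake diagnostic site "looks a lot like a legitimate website", creates urgency with pop-up warnings, and induces the victim to fill in sensitive information. The key to this kind of technique is making the victim believe the device really does need a "remote repair".
– The bottom line for protecting secrets: the recovery seed phrase is the most critical security element, and any request from anyone to enter it should be treated as high-risk. Legitimate organizations do not ask for a seed phrase by phone or through a web page.
– Lessons learned: when buying a second-hand hardware wallet, verify the seller's information and the platform's reputation at several levels, and firmly refuse any request to provide your seed phrase, private key or recovery phrase.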

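Security recommendations
– Never enter a recovery seed phrase, private key or password over the phone, in a chat or in a web form. Anything calling itself a "technical diagnosis" may be a phishing technique.
– Even if the other party holds some of your transaction details, do not be fooled by the appearance of "legitimacy". If they ask you to accept remote assistance, download an unknown program or visit a suspicious site, end the contact.
– After buying a hardware wallet, initialize the seed yourself in an offline environment and complete the seed backup on the device. Do not enter the seed on a web page, even if the other party claims to be from the brand itself.
– For second-hand devices, prefer official channels or a trusted second-hand marketplace, and inspect the device offline once it arrives to make sure it has not been tampered with and the seals are intact.
– If you receive a suspicious call, verify calmly first: an official line will not normally diagnose a device's state over the phone, let alone ask for your seed phrase. You can confirm again through the brand's official website or official customer-service channels.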

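Conclusion
This incident is a reminder that phishing techniques increasingly emphasize context and professionalism. Even if a device appears "intact and new", that is no reason to lower your guard. Where digital assets are concerned, the uniqueness and privacy of information determine everything. Only by always holding to "verify first, then act, never disclose the seed" as a bottom line can you reduce the risk of becoming a high-value target.

If you have run into a similar situation recently, feel free to share the details and your prevention experience in the comments, so that together we can raise the community's security awareness. Stay safe.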