Blockstream, the Bitcoin infrastructure and hardware wallet provider, has warned users of a new email phishing campaign targeting its Jade hardware wallet. The fraudulent emails claim to provide a firmware update, but instead link to a malicious site.
In its official statement, the company emphasized that it never sends firmware files via email and reassured users that no data has been compromised.
Phishing attacks remain one of the most persistent risks in crypto, often disguising themselves as legitimate communication to trick users into exposing sensitive information or transferring funds.
Crypto phishing losses on the rise
The scale of phishing scams continues to expand. Data from Scam Sniffer shows that crypto users lost over $12 million in August alone, impacting more than 15,000 victims. Their report for August marks a 67% increase compared to July, underscoring how quickly attackers are refining their methods.
However, phishing is only part of the challenge. A report from blockchain security firm Hacken found that crypto users lost over $3.1 billion to scams and hacks in the first half of 2025, a sharp jump from 2024 levels. 2025 has been a wake-up call for the industry.
“Cybersecurity is no longer just a technical safeguard — it’s a core business function,” — Yevheniia Broshevan, Hacken Co-Founder & CBDO
With scams growing more sophisticated, security experts stress the importance of verifying the source of all communications, using hardware wallets purchased only from official retailers, and double-checking URLs before downloading any files.
Threats variety
Security researchers have warned that generative AI tools are helping attackers craft convincing fake emails, websites, and even deepfaked communications.
A recent analysis from TechRadar suggested that the majority of ransomware and phishing operations are already enhanced by AI, making them harder for users to detect.
In July, attackers compromised 18 JavaScript packages on npm, software libraries downloaded roughly two billion times each week, through a phishing email that enabled a two-factor authentication reset for maintainers.
It is described as one of the largest supply-chain compromises to date, highlights how phishing is no longer confined to direct wallet scams but is increasingly targeting critical infrastructure used across the crypto ecosystem.
Recent incidents show that the threat to hardware wallet users isn’t limited to fraudulent firmware emails, scammers are increasingly using social engineering, spoofed domains, and contact-form exploits to impersonate wallet makers and trick users into revealing sensitive information.
For example, Trezor recently reported a phishing campaign that abused its support contact form. Attackers submitted support requests using user email addresses, triggering automated replies from Trezor’s official domain.
The scam messages appeared to come from Trezor support, with subject lines and emails that users often found credible. Trezor confirmed that no internal systems or infrastructure were compromised, but urged users never to share wallet backups under any circumstances.
Informed
Hardware wallet providers, including Blockstream, stress that firmware should only ever be downloaded from their official websites or GitHub repositories, never through email links.
Staying informed and cautious is not just prudent; it is essential to safeguarding digital assets in an environment where threats continue to grow.
Kristian Koch
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource, and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice. HODL FM strongly recommends contacting a qualified industry professional.
