Fake Trezor Token Airdrop Claim Sites
Fraudulent sites claiming Trezor is distributing a new TRZR token airdrop to hardware wallet users prompt victims to connect their software wallets and sign malicious approval transactions.
Part of: Fake Token Airdrop Claim Site
Last reviewed: 8 June 2026
Trezor is one of the most recognized hardware wallet brands in cryptocurrency, which makes its name a useful lure for fake airdrop campaigns. Scam sites announce that Trezor is rewarding 'long-time hardware wallet users' with an allocation of a new token — sometimes branded TRZR or 'Trezor Protocol Token' — as part of a decentralization initiative.
The campaign is typically promoted via Twitter/X sponsored posts, Reddit threads in cryptocurrency subreddits, and Telegram groups. The announcement is professionally styled and references real Trezor product details — model names, firmware version references, and the Shamir Backup feature — to appear authentic.
Trezor does not issue or distribute proprietary tokens. It is a hardware wallet manufacturer and has no DeFi protocol, governance token, or airdrop program. Any claim to the contrary should be verified exclusively at trezor.io before taking any action.
How this scam works on the Trezor brand
The fake site presents an eligibility check: users enter their wallet address to see how many tokens they qualify for, based on supposed 'Trezor device registration data.' The number returned is always positive — it is randomly generated to ensure the user continues.
Clicking 'Claim Tokens' launches a WalletConnect or MetaMask injection popup. After connecting, the site presents a token-approval transaction for an ERC-20 contract. The approval grants unlimited spending rights to the attacker's contract. Some variants serve an EIP-712 permit signature instead, which is gasless and appears less threatening because no ETH fee is required.
After approval, the site shows a 'transaction pending' loading screen indefinitely while the attacker's backend submits the approval and drains the wallet. Trezor Suite — the real Trezor software — never asks users to connect to third-party websites for reward claims.
Common red flags
- Site URL is not trezor.io — fake domains include trezor-airdrop.com, trzr-token-claim.io, and similar
- Promises a TRZR token or other 'Trezor Protocol Token' — Trezor has not issued any tradeable token
- Requires connecting a software wallet to claim a reward from a hardware wallet company
- Eligibility is based on a wallet address, not on verifiable Trezor device registration on trezor.io
- Announcement found only on social media, not on trezor.io's official news or blog
- Approval transaction requests unlimited ERC-20 spending rights for an unfamiliar contract
How to protect yourself
- Verify any Trezor promotion directly at trezor.io — Trezor's official communications are on its blog and via the Trezor Suite application
- Never connect a software wallet to a third-party website to claim rewards from a hardware wallet company
- Before signing any approval, check the spender address on Etherscan and confirm the contract is audited and publicly documented
- Revoke any suspicious approvals at revoke.cash immediately after the incident
- Use Trezor hardware confirmation for all transactions involving assets; the device screen will show the actual contract being interacted with
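The pre-signing check described above can be scripted. The following is an added example, not code from Trezor or any wallet project: it decodes an ERC-20 approve() call or an EIP-712 Permit payload and reports the spender and whether the allowance is effectively unlimited. The helper names, the 2**255 threshold and the sample addresses are assumptions made for illustration.

```python
import json

APPROVE_SELECTOR = "095ea7b3"  # first 4 bytes of ERC-20 approve(address,uint256)
UNLIMITED_FLOOR = 2**255       # assumption: at or above this is effectively unlimited

def _flag(kind, spender, amount, **extra):
    return {"kind": kind, "spender": spender.lower(), "amount": amount,
            "unlimited": amount >= UNLIMITED_FLOOR, **extra}

def inspect_approve_calldata(data_hex):
    """Decode ERC-20 approve() calldata; None if the call is something else."""
    data = data_hex.lower()
    data = data[2:] if data.startswith("0x") else data
    if len(data) != 136 or data[:8] != APPROVE_SELECTOR:
        return None
    spender_word, amount_word = data[8:72], data[72:136]
    if int(spender_word[:24], 16) != 0:  # address is left-padded with 12 zero bytes
        raise ValueError("malformed spender word")
    return _flag("approve", "0x" + spender_word[24:], int(amount_word, 16))

def inspect_permit_typed_data(typed_json):
    """Inspect an EIP-712 signing payload; None unless primaryType is Permit."""
    typed = json.loads(typed_json)
    if typed.get("primaryType") != "Permit":
        return None
    msg = typed["message"]
    # uint256 fields arrive as decimal or 0x-prefixed strings; base 0 accepts both.
    return _flag("permit", msg["spender"], int(str(msg["value"]), 0),
                 token=typed["domain"]["verifyingContract"].lower(),
                 deadline=int(str(msg["deadline"]), 0))

# Constructed sample inputs (placeholder addresses, not real contracts).
# The "types" section of the typed data is omitted because the check does not read it.
SPENDER = "0x" + "11" * 20
SAMPLE_APPROVE = "0x" + APPROVE_SELECTOR + "00" * 12 + "11" * 20 + "ff" * 32
SAMPLE_PERMIT = json.dumps({
    "primaryType": "Permit",
    "domain": {"name": "Sample Token", "version": "1", "chainId": 1,
               "verifyingContract": "0x" + "22" * 20},
    "message": {"owner": "0x" + "33" * 20, "spender": SPENDER,
                "value": str(2**256 - 1), "nonce": 0,
                "deadline": str(2**256 - 1)},
})

if __name__ == "__main__":
    for result in (inspect_approve_calldata(SAMPLE_APPROVE),
                   inspect_permit_typed_data(SAMPLE_PERMIT)):
        verdict = "UNLIMITED allowance" if result["unlimited"] else "bounded allowance"
        print(f'{result["kind"]}: spender {result["spender"]} -> {verdict}')
```

A Permit result deserves the same scrutiny as an on-chain approve: the signature costs no gas, but it authorizes the same spender allowance once submitted.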
How to report it
- Report phishing sites to Trezor at [email protected]
- Submit the URL to Google Safe Browsing and MetaMask's phishing list at github.com/MetaMask/eth-phishing-detect
- File a report with IC3.gov (US) or Action Fraud (UK)
- Alert the r/TREZOR subreddit community to warn other users
Frequently asked questions
Has Trezor issued any official tokens or airdrops?
No. Trezor is a hardware security company and has not issued tradeable tokens, governance tokens, or airdrop programs. Any campaign promoting a 'Trezor token' is fraudulent.
If my Ledger or Trezor is secure, how can my wallet still be drained?
Hardware wallets protect your private keys. They cannot protect you from willingly approving a malicious token-spending permission. The attack works by convincing you to grant approval — no key theft is required.