Essential Tips to Protect Your Hardware Wallet Purchase | Provided by SatoshiLabs | August 2024
Authorized sellers only
To ensure the security of your digital assets, always buy from authorized sellers. Buying from unauthorized third parties increases the risk of receiving a tampered device. Beware of illegal sellers and phishing sites that imitate official channels.
From time to time, small numbers of counterfeit devices do appear on the market. Recently, we have seen reports of counterfeit Trezor hardware wallets, especially older models such as the Trezor Model One and Trezor Model T, appearing in Russia and the UAE.
I can’t stress this enough. Never buy a hardware wallet from an unverified source. It’s not worth the risk. The official Trezor Shop is the safest way to buy a Trezor and ships to most parts of the world. There’s also an Amazon store, or you can use an authorized Trezor reseller listed on the website.
Signs of tampering
Upon arrival, inspect the device thoroughly for signs of tampering.
packaging
If the packaging is deformed or damaged, consider it a danger sign.
Here are some images to help you distinguish between genuine and fake Trezor packaging.
Original
FALSE
Original
FALSE
Original
FALSE
Original
FALSE
Although damage to the packaging during transit does not mean the device is damaged, it does provide a quick and easy warning to pay special attention to other security features that could indicate an attack, such as firmware signatures or irregularities in the device’s plastic case.
💡The first hardware cryptocurrency wallet, the Trezor Model One, has been on the market for quite some time. Take a look at how our packaging has changed over the years.
There is no magnet
Make sure the device is not standing upright, as this can indicate tampering. Let’s take a look at what the original Trezor looks like compared to the tampered Trezor, with regards to the magnets that hold the device in place inside the box.
Original
FALSE
Tamper-evident seal
All Trezor models use a holographic sticker to indicate authenticity, and the Model One box is glued shut, requiring the device to be broken to use it. This measure helps to determine whether the packaging or device has been used since leaving the factory.
Device Status
Inspect the device for any suspicious markings or irregularities. A properly sealed device should show no signs of being opened.
Here is an image of the damaged case glued together.
SLIP39 Features
When you select the new wallet backup standard SLIP39, you will see 65 words incorrectly displayed instead of the expected 20. This clearly indicates a tampered or counterfeit device.
Here is one example of this:
For more information about SLIP39,
Firmware revision check is a new step introduced that is designed as an additional safeguard against counterfeit Trezor devices. This step acts as an additional device ‘authenticity check’ to catch more advanced counterfeit devices in circulation.
For more information about this, please check our knowledge base.
If you purchased your device from an official source, it is very unlikely that there is anything wrong with your device. If your order arrives with signs of tampering or if you purchased it from an unauthorized reseller, please contact Trezor Support or start a discussion on the Trezor forum and they will guide you through how to check for infringement.
In short, when purchasing a hardware wallet, prioritize safety. Stick to official Trezor channels, inspect the device upon arrival, and get support if necessary.