Sure, all of us so many times, but how did they make it look like it was from Trezor, how did they spoof noreply@trezor.io?

Just read their blog, seems someone got access to their support portal, but could they send emails form it?!?

Weird..

I ordered a Trezor years ago and never used it or the support portal 🤷‍♂️