I fear that this is only the start of a long campaign in draining the funds of users that were both unaware of this 3rd-party support portal hack and are not that savvy in what concerns their devices and best security practices...
Holy Moly. I received a message from Trezor too and it seemed legitimate at first. Being a little bit tech savvy though I quickly realized it can not be real and ignored it. But this can easily fool the regular person using Trezor or Bitcoin, all it takes is them having trust in the Trezor team.
Trezor should add multiple warnings in the boxes of their products. They should make it clear to every body that Private Keys and Seeds should NEVER be given away even to the Support team of Trezor or it may lead to loss of funds. Even after so many years, too many people STILL do not understand this.
Hell. I would add such a warning on the boot screen too and particularly on the Seed Phrase paper. Bold text on red background, make them notice the warning before attempting any thing stupid.