- Scammers are targeting Ledger users with fake letters mimicking official branding, urging them to scan a QR code and enter their 24-word recovery phrase under the guise of a “security update”.
- The letters are part of a phishing scheme exploiting data from Ledger’s 2020 breach, which exposed personal details of over 270,000 users, including home addresses.
- Ledger reiterated that it never asks for seed phrases, warning users to ignore all such requests, regardless of how legitimate they may appear.
There’s a new type of scheme targeting Ledger users directly, and it involves the same good ol’ phishing attacks, but this time, sent via traditional mail.
It involves fake letters (very well and carefully designed, I must add) sent directly to users to steal recovery phrases under the pretense of a so-called “critical security update”. The scheme was highlighted by crypto influencer Jacob Canfield, who shared on social media a letter he received at home.
The thing is, the document closely mimics Ledger’s official branding and includes a QR code that directs recipients to a website asking for their 24-word recovery phrase. It warns that failing to comply could result in losing access to the wallet and its funds.
Related: Strategy’s ‘Synthetic Halving’ of Bitcoin Could Send Prices Soaring, Analyst Adam Livingston Warns
Ledger responded to Canfield’s disclosure, reiterating its most basic warning: the company will never ask for your seed phrase. Any request for it, regardless of the channel, is an attempted theft:
Please do not engage with accounts claiming to be Ledger employees or anyone offering to help recover funds.
Ledger
The thing is, this letter is so well redacted and designed, that even Canfield prompted Ledger to act on it, calling the scheme a “pretty complex scam”, and asked whether the company has warned its users about the risks posed by this latest phishing method.
Ledger’s Data Breach Echoes
If you’re wondering how the scammers even know where their victims live, then the answer probably traces back to the July 2020 data breach, in which the names, phone numbers, and home addresses of over 270,000 Ledger customers were exposed.
Yes, that database has been circulating ever since. What’s changed is the tactic: instead of phishing emails or fake websites, scammers are now turning to physical mail. A few years ago, some users even reported receiving counterfeit Ledger devices, preloaded with malware and packaged to look like the real thing.
But no matter the delivery method, the rule is always the same: if someone asks for your seed phrase outside your physical device, they are trying to steal from you.
Related: Bitget Pursues Legal Action Against Traders Over $20M VOXEL Token Manipulation
Credit: Source link
