Ledger Users Targeted in Fake Security Letters Scam

Scammers target Ledger users with fake security letters, stealing recovery phrases and draining crypto wallets through phishing schemes.

by .
Published:
Hacker looking straight at you, whilst hacking.
Created by Kornelija Poderskytė from DailyCoin
Google News Follow Button

Ledger, the crypto hardware wallet company, has confirmed a new wave of sophisticated phishing attacks, this time involving physical letters mailed directly to customers.

On Tuesday, crypto user Jacob Canfield sounded the alarm on X, sharing images of a fraudulent letter posing as official Ledger communication.

The letter warns of an “urgent security update” and instructs recipients to scan a QR code and enter their 24-word recovery phrase to avoid disruptions to their wallet. It also threatens restricted access if the process is not completed.

Sponsored

Crypto Prediction Markets
Place your prediction  ·  View all markets
Sponsored by 🎯 Predict & Win
Live
BTC next move: Pump to $67.2K or Dump to $55K?
78% Bullish 22% Bearish
Pump to $67.2K
Dump to $55K
$2,841,392
Ξ
Live
ETH next move: Pump to $1.8K or Dump to $1.5K?
61% Bullish 39% Bearish
Pump to $1.8K
Dump to $1.5K
$1,204,551
Live
SOL next move: Pump to $75.82 or Dump to $62.04?
55% Bullish 45% Bearish
Pump to $75.82
Dump to $62.04
$438,209
18+ · Gambling involves risk. Play responsibly.

The letter also warns that failure to complete “this mandatory validation process” may result in restricted access to the user’s wallet and funds.

In reality, the QR code leads to a phishing site. Once the recovery phrase is entered, attackers gain full access to the wallet and can drain all assets remotely.

“Scammers impersonating Ledger and Ledger representatives are unfortunately common,” the official Ledger X account commented.

“Always remember: Ledger will never call, DM, or ask for your 24-word recovery phrase. If someone does, it’s a scam. Stay cautious and keep your crypto safe.”

The company also warned users not to interact with anyone claiming to be a Ledger employee or offering help recovering stolen funds.

Old Data Leak, New Tactics

Canfield believes the attackers used personal data from a previous breach. In 2020, Ledger disclosed a major data leak that exposed the emails, physical addresses, and phone numbers of over 273,000 customers. That information was later posted to a public hacking forum.

In 2021, some users reported receiving fake Ledger devices that were rigged to install malware if plugged into a computer.

Why This Matters

Crypto scams, designed to steal sensitive information and gain access to digital assets, are increasingly using more personalized tactics and remain a serious threat to crypto users.

Check out DailyCoin’s trending crypto stories:

Trump Crypto Team’s $20M Sell-Off Sends Memecoin Price Crumbling
XRP To Replace SWIFT? Ripple CEO Uncovers a $155T Opportunity

DailyCoin's Vibe Check: Which way are you leaning towards after reading this article?
Market Sentiment
0% Neutral

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Tags
Author
Alex Costa
Alex Costa

Alex Costa is a crypto writer and investor specializing in researching, analyzing and reporting on promising small-cap projects that are gaining traction in the industry. He has been in crypto since 2018, when he began looking for hidden gems in crypto. Today, he is dedicated to finding the next top performing NFTs and tokens.

Read more

Subscribe here