Users of Ledger, a prominent crypto hardware wallet provider, have reported an increase in phishing scams in which fraudsters are impersonating the company’s support email to extract sensitive information. These deceitful messages claim that Ledger has experienced a data breach, urging recipients to verify their private seed phrases in an effort to “protect” their digital assets.
The fraudulent emails are disguised to appear as if they are sent from Ledger’s official support address, though investigations reveal they were actually dispatched via an email marketing platform. Recipients are directed to a website that mimics the look and feel of Ledger’s legitimate site, misleading visitors into attempting to “verify” their devices. This false verification process prompts users to input their seed phrases — a critical piece of information that, if disclosed, would grant the scammers complete access to the users’ wallets, enabling them to siphon off all funds.
In response to concerns raised by users, Ledger acknowledged that phishing attempts are unfortunately commonplace in the digital landscape. The company emphasized that it would never request sensitive information such as a 24-word recovery phrase through direct messages or calls. Any such request should be treated as a scam.
While it remains unclear if any Ledger users have fallen prey to this particular phishing scheme, there was a recent incident involving a user who reported a loss of $2.5 million in Bitcoin and non-fungible tokens despite asserting they had never shared their seed phrase online. Investigators believe the user became a victim of a phishing attack back in February 2022, although the funds were only drained recently.
Security analysts predict that phishing attacks may surge in frequency during the holiday season, correlating with an increase in online shopping and transactions. Moreover, Meta has alerted its users to various scam campaigns targeting holiday shoppers, indicating that cybercriminals may be capitalizing on the festive period for their illicit activities.
