Phishing scammers are targeting Ledger users by sending fraudulent emails that claim the crypto hardware wallet provider has suffered a “recent data breach.” These emails, designed to steal users’ wallet keys, mimic Ledger’s legitimate support communication to trick recipients into revealing their 24-word recovery phrase.
How the Ledger Scam Works
The fake emails, sent through an email marketing platform, appear to come from Ledger’s official support address. They direct recipients to a Ledger-branded website that looks authentic and urges them to “verify” their device to check for possible compromise.
Once on the site, users are prompted to enter their recovery phrase, which scammers can use to access and drain funds from the victim’s wallet. Sharing the recovery phrase grants full control of the wallet to the attacker.
Ledger responded to concerned users on X, clarifying:“Ledger will never call, DM, or ask for your 24-word recovery phrase. If someone does, it’s a scam.”
The extent of the damage remains unclear, but this scam follows a pattern of phishing attacks targeting Ledger users.
Growing Threats in the Crypto Space
The phishing attempt comes shortly after a December 13 report where another Ledger user lost $2.5 million in Bitcoin and NFTs. Although the user claimed never to have shared their seed phrase online, security experts believe they fell victim to a phishing attack in early 2022, with funds drained only recently.
Ledger has also faced past security challenges, including the December 2023 compromise of its connector library, which allowed attackers to steal $484,000 from users accessing decentralized finance apps.
Security analysts warn that phishing scams are likely to increase during the holiday season, targeting both crypto users and general online shoppers. Meta recently alerted its users to scams involving fake holiday promotions and counterfeit coupons.
Crypto phishing losses dropped 53% in November to $9.3 million, but scammers appear to be ramping up efforts during the busy holiday period. Ledger users and all crypto holders are advised to remain vigilant and never share their recovery phrases or other sensitive wallet information.