Key Notes
- The phishing campaign uses professional email platforms like SendGrid and fake Ledger-branded websites.
- Scammers validate recovery phrase inputs to ensure accurate data collection, granting them full access to victims’ wallets.
- In response to the attacks, Ledger reminded users never to share their 24-word recovery phrases and emphasized vigilance.
The widely used cryptocurrency hardware wallet Ledger has been seeing a fresh phase of phishing scams. Cybercriminals are sending fake emails that mimic official communications, attempting to trick wallet users into revealing their recovery phrases.
These scams have spurred up recently amid heightened security concerns and the surge in crypto transactions during the holiday season. In its latest report, Bleeping Computer stated that the phishing scams started with emails designed to look just like official Ledger communications. The report also notes:
“A new Ledger phishing campaign is underway that pretends to be a data breach notification. It asks you to verify your recovery phrase, which is then stolen and used to steal your cryptocurrency”.
The phishing scam is targeting Ledger wallet users with emails claiming a “Security Alert: Data Breach May Expose Your Recovery Phrase”. The scammers sent professional-looking emails using the SendGrid email marketing platform. In the email, they falsely claimed a recent Ledger data breach and urged recipients to verify their recovery phrases using a so-called “secure verification tool.”
Reports reveal that the phishing emails direct victims to a convincing fake Ledger-branded website hosted on Amazon Web Services. From there, users are redirected to a fraudulent domain, ledger-recovery[.]info, registered on December 15, 2024. The site imitates Ledger’s official platform and prompts users to perform a “security check” by entering their wallet recovery phrases.
The scammers have used a deceptive tactic while validating inputs against a list of 2,048 recognized terms commonly used in recovery phrases. Regardless of what users enter, the site falsely flags the phrase as invalid, prompting repeated attempts and ensuring the scammers collect accurate data. After securing the correct recovery phase, attackers gain complete access to the victim’s wallet.
Ledger Asks Crypto Users to Stay Cautious
As the news regarding phishing attacks on the Ledger hardware wallet spread, the company asked its users to stay vigilant and informed. In a message on the X platform, it noted:
“Ledger will never call, DM, or ask for your 24-word recovery phrase. If someone does, it’s a scam. Stay cautious and keep your crypto safe”.
Responding to users’ concerns about the phishing scam, Ledger acknowledged that such scams are an unfortunate reality in the digital space. Also, this is not the first time that Ledger users have faced these attacks. Since 2020, there have been periodic attacks on Ledger hardware wallet users.
Furthermore, amid the spike in online activity during this holiday season, phishing attacks have increased. Several security experts warn that the fraud is likely to escalate as scammers seek to leverage the surge in crypto transactions. “The holiday season means more online shopping. And that’s why it’s a scammer’s favorite time of year,” one user said.
Disclaimer: Coinspeaker is committed to providing unbiased and transparent reporting. This article aims to deliver accurate and timely information but should not be taken as financial or investment advice. Since market conditions can change rapidly, we encourage you to verify information on your own and consult with a professional before making any decisions based on this content.
Bhushan is a FinTech enthusiast and holds a good flair in understanding financial markets. His interest in economics and finance draw his attention towards the new emerging Blockchain Technology and Cryptocurrency markets. He is continuously in a learning process and keeps himself motivated by sharing his acquired knowledge. In free time he reads thriller fictions novels and sometimes explore his culinary skills.
