Ledger users fall victim of phishing attack, second time in less than a week

Ledger users receive scam emails impersonating the cryptocurrency wallet developer.
The company confirmed the phishing attack and urged users to be cautious.

Some users of the hardware cryptocurrency wallet fell victim to the email phishing attack. According to numerous reports on Twitter, people receive emails impersonating the cryptocurrency wallet manufacturer.

The hackers refer to the security breach that allegedly happened on October 25 and affected 86,000 email addresses. They claim that users' assets are in danger due to the hack attack. To avoid losing the coins, the wallet owners are prompted to install the latest version of Ledger Live via the link embedded in the email and reset their PINs.

*** SCAM ALERT***
I just received this in my inbox. A new phishing scam has been send out claiming there are problems with @Ledger live and a call to action to download "the newest version of Ledger live".

Please share this in order for as many people as possible to see this... pic.twitter.com/xOKUBoKI63
— Young And Investing (@QuintenFrancois) October 25, 2020

The fake letters copy Ledger's styles and communication and look very convincing. However, the sender address contains a mistake – legder.com instead of ledger.com – that betrays the scam. Apart from that, hovering over the link reveals a dodgy URL, which will download malicious software once you click on it.

Second scam attempt in a row

Notably, this is the second impersonating scam that involves Ledger. On October 19, the hackers contacted the wallet users asking to provide their seed phrases.

The company officially confirmed the issue and said that they were investigating the incident. However, the scope of the attack has not been disclosed. Also, the Ledger urge users never to tell their mnemonic phrase to anyone and be on the alert if someone requires this information.

SCAM ALERT

According to our information, some scammers are getting in touch with Ledger users through text messages and emails.

Never give the 24 words of your recovery seed. Ledger will never ask for them.
— Ledger (@Ledger) October 19, 2020

The blame goes to Ledger

The company did not explain how the attackers got the email addresses of Ledger users. Still, the community members believe that the leak happened on the side of the wallet provider.

Thus, a Twitter user Andreas Tasch noted that he used the email exclusively for shopping Ledger, meaning that it could not be leaked somewhere else. He also pointed out that the company failed to notify him that his email address was compromised.

ok @ledger, I used an email exclusively for your shop and I got a (very well done) phishing mail today, pointing to ledgersupport_DOT_io download

Why didn't I get any info that my email was compromised?
What data was compromised from me?
Do they know my physical address?

1/2
— Andreas Tasch ⚡ (@ndeet) October 25, 2020

Notably, Ledger confirmed the data breach at the end of June, saying that their marketing database was hacked. The cybercriminals found a vulnerability in the API interface and stole about 1 million email addresses. However, the company stated that all affected users were duly informed of the incident.

Share: Cryptos feed

Note: All information on this page is subject to change. The use of this website constitutes acceptance of our user agreement. Please read our privacy policy and legal disclaimer. Opinions expressed at FXstreet.com are those of the individual authors and do not necessarily represent the opinion of FXstreet.com or its management. Risk Disclosure: Trading foreign exchange on margin carries a high level of risk, and may not be suitable for all investors. The high degree of leverage can work against you as well as for you. Before deciding to invest in foreign exchange you should carefully consider your investment objectives, level of experience, and risk appetite. The possibility exists that you could sustain a loss of some or all of your initial investment and therefore you should not invest money that you cannot afford to lose. You should be aware of all the risks associated with foreign exchange trading, and seek advice from an independent financial advisor if you have any doubts.