Tanya Abrosimova
Independent Analyst
- Ledger users receive scam emails impersonating the cryptocurrency wallet developer.
- The company confirmed the phishing attack and urged users to be cautious.
Some users of the hardware cryptocurrency wallet fell victim to the email phishing attack. According to numerous reports on Twitter, people receive emails impersonating the cryptocurrency wallet manufacturer.
The hackers refer to the security breach that allegedly happened on October 25 and affected 86,000 email addresses. They claim that users' assets are in danger due to the hack attack. To avoid losing the coins, the wallet owners are prompted to install the latest version of Ledger Live via the link embedded in the email and reset their PINs.
*** SCAM ALERT***
— Young And Investing (@QuintenFrancois) October 25, 2020
I just received this in my inbox. A new phishing scam has been send out claiming there are problems with @Ledger live and a call to action to download "the newest version of Ledger live".
Please share this in order for as many people as possible to see this... pic.twitter.com/xOKUBoKI63
The fake letters copy Ledger's styles and communication and look very convincing. However, the sender address contains a mistake – legder.com instead of ledger.com – that betrays the scam. Apart from that, hovering over the link reveals a dodgy URL, which will download malicious software once you click on it.
Second scam attempt in a row
Notably, this is the second impersonating scam that involves Ledger. On October 19, the hackers contacted the wallet users asking to provide their seed phrases.
The company officially confirmed the issue and said that they were investigating the incident. However, the scope of the attack has not been disclosed. Also, the Ledger urge users never to tell their mnemonic phrase to anyone and be on the alert if someone requires this information.
SCAM ALERT
— Ledger (@Ledger) October 19, 2020
According to our information, some scammers are getting in touch with Ledger users through text messages and emails.
Never give the 24 words of your recovery seed. Ledger will never ask for them.
The blame goes to Ledger
The company did not explain how the attackers got the email addresses of Ledger users. Still, the community members believe that the leak happened on the side of the wallet provider.
Thus, a Twitter user Andreas Tasch noted that he used the email exclusively for shopping Ledger, meaning that it could not be leaked somewhere else. He also pointed out that the company failed to notify him that his email address was compromised.
ok @ledger, I used an email exclusively for your shop and I got a (very well done) phishing mail today, pointing to ledgersupport_DOT_io download
— Andreas Tasch ⚡ (@ndeet) October 25, 2020
Why didn't I get any info that my email was compromised?
What data was compromised from me?
Do they know my physical address?
1/2
Notably, Ledger confirmed the data breach at the end of June, saying that their marketing database was hacked. The cybercriminals found a vulnerability in the API interface and stole about 1 million email addresses. However, the company stated that all affected users were duly informed of the incident.
Note: All information on this page is subject to change. The use of this website constitutes acceptance of our user agreement. Please read our privacy policy and legal disclaimer. Opinions expressed at FXstreet.com are those of the individual authors and do not necessarily represent the opinion of FXstreet.com or its management. Risk Disclosure: Trading foreign exchange on margin carries a high level of risk, and may not be suitable for all investors. The high degree of leverage can work against you as well as for you. Before deciding to invest in foreign exchange you should carefully consider your investment objectives, level of experience, and risk appetite. The possibility exists that you could sustain a loss of some or all of your initial investment and therefore you should not invest money that you cannot afford to lose. You should be aware of all the risks associated with foreign exchange trading, and seek advice from an independent financial advisor if you have any doubts.
Recommended Content
Editors’ Picks
Coinbase lists WIF perpetual futures contract as it unveils plans for Aevo, Ethena, and Etherfi
Dogwifhat perpetual futures began trading on Coinbase International Exchange and Coinbase Advanced on Thursday. However, the futures contract failed to trigger a rally for the popular meme coin.
Stripe looks to bring back crypto payments as stablecoin market cap hits all-time high
Stripe announced on Thursday that it would add support for USDC stablecoin, as the stablecoin market exploded in March, according to reports by Cryptocompare.
Ethereum cancels rally expectations as Consensys sues SEC over ETH security status
Ethereum (ETH) appears to have returned to its consolidating move on Thursday, canceling rally expectations. This comes after Consensys filed a lawsuit against the Securities & Exchange Commission (SEC) and insider sources informing Reuters of the unlikelihood of a spot ETH ETF approval in May.
FBI cautions against non-KYC Bitcoin and crypto money transmitting services as SEC goes after MetaMask
US Federal Bureau of Investigations (FBI) has issued a caution to Bitcoiners and cryptocurrency market enthusiasts, coming on the same day as when the US Securities and Exchange Commission (SEC) is on the receiving end of a lawsuit, with a new player adding to the list of parties calling for the regulator to restrain its hand.
Bitcoin: BTC post-halving rally could be partially priced in Premium
Bitcoin (BTC) price briefly slipped below the $60,000 level for the last three days, attracting buyers in this area as the fourth BTC halving is due in a few hours. Is the halving priced in for Bitcoin? Or will the pioneer crypto note more gains in the coming days?