- Scammers sent fake Ledger letters using leaked data, requesting users’ 24-word recovery phrases to access and steal crypto funds.
- Victims reported tampered devices and letters claiming to be from Ledger, pressing for immediate updates to lure users into scams.
- Ledger confirmed the scam’s legitimacy and warned users never to share recovery phrases, urging vigilance across all communication forms.
Scammers have begun sending physical letters to Ledger hardware wallet users in a phishing scheme that attempts to extract sensitive wallet recovery information. The letters, designed to appear legitimate, include Ledger’s branding, business address, and a fabricated reference number.
These fraudulent letters request recipients to perform an “urgent security update” by scanning a QR code and submitting their 24-word recovery phrase. The letters threaten that failure to comply will result in restricted wallet access, aiming to pressure users into revealing critical access credentials.
Leaked Customer Data Linked to the Scam Campaign
Jacob Canfield, a tech analyst and Ledger user, received one such letter and shared its contents online to warn others. Canfield linked the scam to a 2020 data breach that compromised the personal information of over 270,000 Ledger customers. This breach may have enabled scammers to send targeted messages directly to affected users’ homes.
Earlier this month, a reseller of Ledger devices reported multiple customers receiving similar scam letters. Additionally, users have reported receiving counterfeit Ledger wallets that were preloaded with malware, suggesting a coordinated attempt to compromise devices and steal assets.
Company Confirms Ongoing Phishing Attacks
Ledger acknowledged the rise in phishing attempts and confirmed that these letters are not from the company. The firm emphasized that it never asks users to reveal their recovery phrases. It added that impersonation by scammers remains a widespread problem across emails, phone calls, and now, postal letters.
Canfield noted that Ledger should expand its public warnings to include postal letters as phishing channels evolve. The company responded by praising community members who expose scams and advised all users to avoid interaction with anyone claiming to represent
In its public statement, Ledger reassured customers that its devices are built to safeguard private keys and digital assets. The firm stated that users remain in full control of their assets and that its devices are designed to resist external threats, including scams and tampering attempts.
