Skip to content
TechnologyCryptocurrencyInvestingFinanceCanfield2025LedgerNseQrPhishingCybersecurity

Scam Solicits Ledger Users' Seed Phrases via Physical Mail Correspondence

Crypto wallet owners are targets of a new phishing scheme where scammers send fraudulent letters claiming to be from Ledger, demanding seed phrases for a supposed "critical update".

 and  Administrator
3 min read

Phishing Scam Alert: Physical Letters Targeting Ledger Hardware Wallet Users

Scam Solicits Ledger Users' Seed Phrases via Physical Mail Correspondence

Here's a lowdown on a brand new phishing attempt targeting crypto enthusiasts. Scammers have upped their game, sending physical letters to owners of Ledger hardware wallets, aiming to swipe their funds.

These letters, that looked like they were from Ledger, requested users to authenticate their private seed phrases for a "critical security update." Tech commentator, Jacob Canfield, was the first to expose this scam, sharing images of a letter he received at his residence.

The deceptive document flaunted Ledger's logo and business address to seem authentic. To execute the scam, recipients were instructed to scan a QR code and enter their wallet's private recovery phrase. If they didn't follow this "mandatory validation process," they were warned that they might face restricted access to their wallet and funds.

Ledger acknowledged the scam shortly after Canfield's post and reminded users that they would "never reach out for your 24-word recovery phrase via any medium—never." This phrase, also known as a recovery key, is a set of words, up to 24, that grants complete access to your crypto wallet. If a scoundrel gets their hands on this, they can control your wallet and transfer all your cryptocurrency holdings.

This scam seems to be aiming for victims of a massive data breach that occurred nearly five years ago. Back in 2020, hackers infiltrated Ledger's database, stealing the personal information of over 270,000 users, including names, phone numbers, and residence addresses.

This isn't the first time fraudsters have utilized this information to execute physical attacks. In 2021, some Ledger users complained about receiving fake Ledger devices in the mail, which were tampered with and designed to install malware when linked to a PC.

Canfield suggested that Ledger might have to revise their standard security advice to include letters alongside emails and phone calls, considering this new strategy by scammers.

The crypto community has witnessed several phishing ploys targeting hardware wallet users over the years. However, physical mail represents a significant evolution in these scams, possibly appearing more trustworthy to some users than digital communications.

Ledger acknowledged that "impostors pretending to be Ledger and Ledger representatives are unfortunately common" in their response to the incident. They continue to emphasize that they will never demand recovery phrases, no matter the communication channel.

A crypto hardware wallet reseller also reported similar incidents earlier in April, indicating that this could be a widespread campaign rather than isolated attempts.

Users of hardware wallets are advised to keep in mind that legit companies will never ask for recovery keys through any medium—be it emails, phone calls, direct messages, or physical mail.

This scam serves as a timely reminder for crypto holders to stay vigilant against increasingly cunning phishing attempts that employ both digital and physical approaches to seem more credible.

Safety Measures

  1. Never share recovery keys: Ledger would never ask for your 24-word recovery phrase via mail, email, or QR code.
  2. Verify communications: If you receive any alerts, confirm them through Ledger’s official channels (e.g., ledger.com/support).
  3. Monitor physical mail: Treat unsolicited letters with a pinch of salt, even if they seem genuine.
  4. Update devices securely: Always download firmware updates directly from Ledger Live software.
  5. Spread the word: Inform less tech-savvy users about this scam’s physical nature.

Ledger has publically confirmed the scam and urged users to report suspicious messages. If you receive a phony letter, avoid scanning QR codes, clicking on links, or complying with instructions—report it via Ledger’s official support page.

  1. The cryptocurrency community has been alerted to a new phishing scam that targets Ledger hardware wallet users, with scammers sending physical letters to try and steal funds.
  2. Tech commentator Jacob Canfield was the first to expose the scam, noting that these letters ask users to authenticate their private seed phrases for a supposed "critical security update."
  3. To execute the scam, recipients are instructed to scan a QR code and enter their wallet's private recovery phrase, but Ledger reminds users that they would never ask for this information through any medium.
  4. The deceptive document flaunts Ledger's logo and business address to seem authentic, but Ledger has acknowledged that impostors pretending to be them are common and they will never demand recovery phrases.
  5. This scam may be linked to a data breach that occurred in 2020, and Ledger is advising users to keep in mind that they should never share recovery keys, even via physical mail.
Cryptocurrency wallet owners are being targeted by scammers through bogus emails from Ledger, demanding seed phrases under the pretense of a necessary update in a new phishing tactic.
Cryptocurrency wallet owners receive fake emails from scammers claiming to be Ledger, demanding seed phrases for a supposed update under a fresh phishing scam.
Crooks are sending deceitful emails purporting to originate from Ledger, claiming to be about essential wallet updates for cryptocurrency accounts, and attempting to acquire seed phrases in a fresh phishing endeavor.

Read also:

    Related

    Latest