Crypto NewsNews

Ledger Wallet Users Fall Victim to Phishing Email Scams

Crypto Assets Under Attack as Sophisticated Phishing Scams Drain Millions from Ledger Wallet Users

Recently, a new wave of phishing email attacks targeting Ledger wallet users has emerged, putting users’ cryptocurrency assets at risk. These attacks, designed to look deceptively legitimate, are deceiving users into compromising their recovery phrases.

Phishing Emails Mimic Official Channels

The scammers send professional-looking emails that very closely imitate official Ledger communications. They lead with subject lines such as “Security Alert: Data Breach May Expose Your Recovery Phrase”, lines that official channels might use during a legitimate breach, heightening users’ urgency.

The fraudulent emails, are sent using the SendGrid email platform, instructing recipients to verify their recovery phrases via a so-called “secure verification tool.”

Moreover, once users click on the phishing link, they are directed to a fake website hosted on Amazon Web Services. These sites are well-designed, mimicking the look and feel of Ledger’s official platform. A recent investigation revealed that one such domain, ledger-recovery[.]info, was registered as recently as December 15, 2024.

How The Scam Occurs

The phishing sites prompt users to enter their 12, 18, or 24-word recovery phrases in a supposed “security check”. According to reports, the site displays an error message regardless of the input falsely flagging the recovery phrase as invalid, and forcing users into repeated attempts. This tactic is to ensure that they collect as much accurate information as possible.

As soon as attackers obtain the correct recovery phrase, they gain full access to the victim’s wallet and can quickly drain it of all its digital assets.

In response to the phishing scams, Ledger has urged users to remain cautious.

Ledger will never call, DM, or ask for your 24-word recovery phrase. If someone does, it’s a scam. Stay cautious and keep your crypto safe.” they emphasized in a statement shared on X.

Phishing scams have been an ongoing issue with Ledger for years. Since 2020, attackers have periodically targeted Ledger hardware wallet users, exploiting stolen email data and/or vulnerabilities in the system.

Losses Highlight the Risks of The Phishing Scams

On December 13, a crypto user identified as “Anchor Drops” reported on X that they lost 10 Bitcoin — worth approximately $1 million — along with an additional $1.5 million in non-fungible tokens (NFTs) stored on a Ledger Nano S wallet.

Investigations revealed that the attack may trace back to a phishing incident in February 2022. Anchor Drops unknowingly approved a malicious transaction nearly three years ago, and the hacker remained dormant until recently.

Related Articles

Back to top button