Scammers are at it again, and this time they’re impersonating Ledger to pull off a phishing scam for stealing your recovery phrases and, ultimately, your cryptocurrency.
With the holiday season ramping up online activity, these scams are more dangerous than ever.
Fake emails
Bleeping Computer reported that this latest phishing campaign kicks off with emails that look alarmingly legitimate, because they come with alarming subject lines like “Security Alert: Data Breach May Expose Your Recovery Phrase.”
These emails claim that a recent data breach could put your recovery phrase at risk and direct you to a fake Ledger website that looks just like the real deal, thanks to being hosted on Amazon Web Services.
But we all already know we shouldn’t even open and read any emails from Ledger, aren’t we? Just don’t.
Once you’re on this fraudulent site, you’ll be prompted to enter your recovery phrases for a so- called security check, but then the site will then falsely tell you that your phrases are invalid, pushing you to keep trying until the scammers get what they want.
Once they have your recovery phrases, they can wipe out your wallet faster than you can say crypto heist.
Data breach is done
Ledger hasn’t confirmed any new data breaches, they’ve reiterated their long-standing policy.
“Ledger will never ask for your 24-word recovery phrase. If someone does, it’s a scam.”
The company has faced phishing issues before, especially after a 2020 breach that exposed customer information and led to targeted scams.
Just last December, their connector library was exploited, resulting in nearly $500,000 in losses.
It’s no wonder some users are feeling uneasy, one even remarked, for a company many trust to safeguard crypto assets, this is not reassuring.
Scams everywhere
Crypto fraud has been fluctuating in the last months, with phishing-related losses dropping by 53% to $9.3 million in November, this latest attack shows that scammers are still refining their tactics, and they likely won’t stop.
Security experts are urging crypto investors to stay alert and take proactive steps to protect their wallets, especially during high-risk times like the holidays. Ultimately, keeping your digital assets safe is up to you!
