What happened?
Ledger wallet users have become targets of a new phishing scam where fake physical letters are sent to trick them into revealing their wallet seed phrases. These letters, designed to look official with Ledger’s logo and return address, falsely instruct recipients to perform a fake security update by entering their 24-word recovery phrase. Ledger confirmed that these letters are fraudulent and reiterated that it would never ask for such sensitive information.
Who does this affect?
This scam primarily affects owners of Ledger hardware wallets who may be unaware of the phishing tactics employed. Individuals affected by the 2020 Ledger data breach are particularly at risk, as their personal information, including addresses, was exposed in the leak. Additionally, users of cryptocurrency platforms like Coinbase and Gemini have also been targeted by similar sophisticated phishing scams, broadening the scope of those impacted.
Why does this matter?
The increase in phishing scams highlights the ongoing vulnerabilities within the crypto market, affecting investor confidence and potentially leading to substantial financial losses. The persistence of these scams suggests that the consequences of past data breaches and hacking incidents continue to ripple through the crypto ecosystem. With $1.64 billion lost to hackers in Q1 2025 alone, such incidents underscore the need for enhanced security measures and vigilance among crypto users to safeguard their assets.