Source: Cointelegraph
Original: “Scammers Send Letters to Ledger Users Attempting to Steal Recovery Seed Phrases”

Scammers are sending physical letters to users of the Ledger cryptocurrency hardware wallet, asking them to verify their private key phrases in order to access their wallets and drain their funds.

In a post on the X platform on April 29, tech commentator Jacob Canfield shared a scam letter that was sent to his home, which appeared to be from Ledger, claiming that he needed to perform a “critical security update” on his device immediately.

The letter used Ledger's logo, company address, and reference number to feign legitimacy. It requested users to scan a QR code and enter their wallet's private key recovery phrase under the guise of verifying the device.

The letter threatened: “Failure to complete this mandatory verification process may result in restricted access to your wallet and funds.”

A mnemonic or recovery phrase is a string of up to 24 words used to unlock access to a cryptocurrency wallet. Scammers who possess this phrase can access and control the associated wallet, allowing them to transfer its assets elsewhere.

Earlier this month, an X account of a cryptocurrency hardware wallet reseller reported receiving multiple accounts from Ledger users about receiving similar letters.

In response to Canfield's post, Ledger stated that the letter was a scam and reminded device users to remain vigilant against phishing attempts.

Ledger added: “Ledger will never ask you for your 24-word recovery phrase via phone, direct message, or any other means. If someone does, it is a scam.”

“Please do not interact with accounts claiming to be Ledger employees or anyone offering assistance with fund recovery.”

Canfield suggested that the scammers might be sending letters to Ledger customers from a data breach that occurred nearly five years ago.

In July 2020, hackers breached Ledger's database, exposing the personal information of over 270,000 customers online, including names, phone numbers, and home addresses.

Bleeping Computer reported at the time that the following year, several Ledger users claimed to have received tampered fake Ledger devices that would install malware upon use.

Related: Loopscale Recovers $2.8 Million Through Bounty Negotiations After Weekend DeFi Attack

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。