🚨 A fake Ledger scam is making waves again - but it’s not new 🚨 🧵 This phishing dates back to 2021. Victims receive a fake Ledger device in the mail - complete with real-looking packaging and an “official” letter. You’re told to migrate your 24 words from your “old” (real) Ledger to this new (fake) one. 🪤The scam exploits user data from past breaches - name, email and address. You’re told: “Your old device is compromised. Enter your seed phrase into this new secure one.” Once entered - all assets are gone. The fake Ledger is preloaded with malware. 🎭These scams often include: 🔹 Fake user manuals 🔹 Fake “Ledger” software 🔹 Realistic device designs Some variants even use preset recovery phrases, tricking users into using a wallet the attacker already controls. 📦 Such attacks do work - especially when: 🔹Your order info was leaked 🔹You fall for fake stores or phishing sites selling counterfeit hardware wallets 🔹Your Low awareness around device authenticity checks 🧠These attacks may seem “too physical to scale” - but they don’t need to succeed often. It’s a spray-and-pray model. No confirmed cases of tampering during delivery - but don’t risk it.⚠️ 🎯See recap: 🔍 Ledger’s breach: https://www.ledger.com/addressing-the-july-2020-e-commerce-and-marketing-data-breach 🔍 Trezor leak: https://x.com/Trezor/status/1748724846861705494 🔍 Fake imKey cases: https://x.com/imKeyOfficial/status/1740315565523107901 🔐 How to protect yourself? ✅ Only enter your 24 words on a device you initialized 🚫 Never trust devices from unknown sources ✅ Always verify authenticity via the official brand website 🚫 Don’t fall for unsolicited packages, emails, or “support” messages 📚 Knowledge = prevention. We maintain a public archive of real-world blockchain hacks, just search by keyword or project name to see if there’s a history of breaches or fraud: 🔎 https://hacked.slowmist.io 🧱 Security starts with verifying the hardware you trust. Stay safe. 🔒 cc @evilcos