Ledger customers continue to receive phishing emails from scammers

Scammers posing as Ledger have launched a new phishing campaign, sending fake physical letters to cryptocurrency users demanding that they “verify” their wallets or risk losing access to their funds.

In this attack, the attackers use traditional mail delivery — in this case, the United States Postal Service (USPS) — to make the email more convincing. BitGo CEO Mike Belshe posted a photo of one of these emails on social media site X, which contained a QR code that led to a malicious website disguised as an official Ledger page.

"This is all a scam, don't fall for any of these emails," warned Troy Lindsey, one of the security researchers who received a similar letter.

Users receive official-looking envelopes, designed in the style of Ledger. Inside is a message about the need to perform a technical update or check the wallet, otherwise access to assets will be lost. The QR code in the letter redirects to a fake site, where the victim must enter the secret recovery phrase of their wallet. After that, the attackers gain full control over the account and can withdraw funds without a trace.

Ledger has officially stated that it never sends out emails with QR codes or links to “update” wallets. All user support is done through verified channels, such as the company’s official apps and website. BitGo management has also called on cryptocurrency owners to be vigilant.

It was previously reported that owners of Ledger hardware crypto wallets received a series of fake emails, which threatened customers that if they did not follow a list of rules, their accounts would be blocked.