Customers of Ledger, the cryptocurrency hardware wallet, are being targeted by a phishing attack that comes as an email from Ledger’s support.
The fake email apparently informs users that their Ledger assets may be compromised. He says: “Our team of scientific experts found that many of Ledger Live’s administrative servers were infected with malware.” This statement is false; While the email form looks professional, it’s a phishing attempt to steal customer data.
The email is so compelling that even wary users could be fooled. Ledger confirmed that, in the past week, a phishing attack has targeted clients of the Ledger cryptocurrency wallet.
“I got the same email and for once I was really confused. Everything works, “a Reddit user said in response to the original post.” However, here you can see that the URL is incorrect (note the dot on the second ‘e’ => ledgėr). What gave rise to my Doubtful was the fact that I got the email twice in a couple of minutes. … It is probably related to the previous hack where a hacker managed to get our email addresses. “
Another user replied, “Wow, it looked really legitimate, so much so that I used the Contact Us form to ask Ledger if it was real. I’m normally pretty good at sniffing things like this – this was by far the most convincing attempt I’ve ever had. never seen “.
In July, Ledger’s team discovered that an API key related to their e-commerce and marketing database had been exploited and the database had been accessed by an unauthorized third party. The details of the database (mainly email addresses) were used to send order confirmations and promotional emails.
CoinDesk independently reviewed one of these phishing emails, sent from “[email protected]”. A key clue in any phishing email is a slight misspelling of a real address or URL; in this case, “ledger.com” is misspelled.
Phishing attacks are common and attackers are increasingly sophisticated, creating emails that resemble official business correspondence. They rely on a person who makes a mistake and clicks on a link that could compromise their security.
In a statement, a Ledger spokesperson said an internal task force has been deployed to investigate the latest phishing attack.
“The investigation is ongoing and we cannot provide further information at this time, but one thing is certain: Ledger will never ask you for your 24-word recovery phrase, which is a blatant sign of a phishing scam,” he said. said the spokesman. “Ledger encourages customers to be careful as phishing attacks become more sophisticated and to alert Ledger’s customer support team and consult Ledger.com for more information on scam detection.”