In a recent development, Ledger, a major hardware wallet provider, has been targeted by malicious actors attempting to impersonate the company's support team. The criminals have engineered a phishing attack, using an email spoofing technique, in which they aim to trick Ledger users into providing their recovery phrases, posing a significant threat to the security of their cryptocurrencies.

The phishing email alleged a data breach at Ledger, warned users that their assets might be at risk, and urged them to download the latest version of Ledger Live to move their assets to a secure wallet. The email was sent from a non-Ledger email address, exploiting the lack of a Domain-based Message Authentication, Reporting and Conformance (DMARC) record on Ledger's domain. Without a DMARC record, a domain publishes no policy telling receiving mail servers how to handle messages that fail authentication, so cybercriminals can spoof an email address at any domain that doesn't have the record in place.
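Domain owners can check this exposure by reading the TXT records published at `_dmarc.<domain>`. The following is an added example, not code from Ledger or the original article: it classifies already-fetched TXT strings according to RFC 7489, and the function names, domains and records in it are constructed for illustration.

```python
# Added example: domains and TXT strings below are constructed, not real DNS answers.

def parse_dmarc(txt):
    """Return the tag dict for a DMARC TXT string, or None if it is not one."""
    pairs = [p.strip() for p in txt.split(";") if p.strip()]
    tags = {}
    for pair in pairs:
        name, sep, value = pair.partition("=")
        if not sep:
            return None                      # malformed tag, not "name=value"
        tags.setdefault(name.strip().lower(), value.strip())
    # RFC 7489: a DMARC record must begin with the tag v=DMARC1.
    if not pairs or next(iter(tags)) != "v" or tags["v"] != "DMARC1":
        return None
    return tags

def assess(txt_records):
    """Classify the TXT records found at _dmarc.<domain> for spoofing exposure."""
    records = [t for t in map(parse_dmarc, txt_records) if t is not None]
    if not records:
        return "no-record"          # receivers have no published policy to apply
    if len(records) > 1:
        return "multiple-records"   # RFC 7489: DMARC processing is not applied
    tags = records[0]
    policy = tags.get("p", "").lower()
    pct = tags.get("pct", "100")    # share of failing mail the policy covers
    if policy not in ("none", "quarantine", "reject") or not pct.isdecimal() or int(pct) > 100:
        return "invalid-record"
    if policy == "none":
        return "monitor-only"       # failures are reported but still delivered
    return "enforced" if int(pct) == 100 else "partial"

SAMPLES = {
    "no-dmarc.example": ["v=spf1 include:_spf.example.net ~all"],
    "monitor.example": ["v=DMARC1; p=none; rua=mailto:dmarc@monitor.example"],
    "partial.example": ["v=DMARC1; p=quarantine; pct=25"],
    "strict.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@strict.example;"],
    "dup.example": ["v=DMARC1; p=reject", "v=DMARC1; p=none"],
}

if __name__ == "__main__":
    for domain, txt in SAMPLES.items():
        print(f"{domain:20} {assess(txt)}")
```

Only the `enforced` result tells receiving servers to quarantine or reject every message that fails DMARC; the other outcomes leave some or all spoofed mail deliverable.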

The phishing link in the email takes users to a fake Ledger website that looks almost identical to the official site, making it hard to tell the two apart. The fake website prompts users to enter their recovery phrase, which is a major red flag, as Ledger has always stressed that it never asks for such information. Once the recovery phrase is entered on the fake website, the criminals can access the users' wallets and ultimately their funds.

The crypto community has been alerted to the situation and the fake emails. Ledger has advised its customers to be vigilant and cautious when dealing with emails, even those that appear to be from Ledger. The company recommends that users never share their 24-word recovery phrase with anyone, not even with Ledger’s support team. The platform has also reiterated its commitment to improving its security measures to prevent such attacks in the future.

Phishing attacks are a common threat in the cryptocurrency world, and they have become increasingly sophisticated over time. Awareness and education are key to avoiding these malicious attempts to steal sensitive information and assets. Users are advised to always verify the source of emails, avoid clicking on suspicious links, and never share their recovery phrases or private keys.