Gairika Mitra
A new phishing campaign is targeting Ledger wallet users to trick them into activating a fraudulent security feature called “Ledger Clear Signing” and steal their cryptocurrency.
The deceptive emails, which do not originate from official Ledger addresses, claim that doing so is essential for the continued secure use of Ledger devices.
The emails contain a malicious link that directs recipients to a fake website, where they are prompted to enter sensitive information. One email states, “To continue using your Ledger device securely, activating Clear Signing is mandatory starting November 1, 2024. This feature is essential in protecting your assets from phishing attacks and fraudulent activities that are becoming more sophisticated.”
Thomas Roccia, a senior threat researcher at Microsoft, characterized the ongoing email campaign as a “very clean Ledger scam.”
Over $2.7 Billion Lost to Approval Phishing
Analytics platform Chainalysis highlighted the increase in phishing scams recently.
Related: Europol Cracks $1.4B Cryptomixer, Seizes $27M and 12TB of Data
“Earlier this year, we reported that approximately USD $1 billion has been lost to scams leveraging approval phishing since May 2021. After identifying further illicit addresses, our data now reveals that over USD $2.7 billion has been lost to approval phishing – demonstrating that approval phishing is a much bigger problem than previously known. However, the inherent transparency of the blockchain paired with advanced blockchain analytics offers a range of opportunities for investigation, asset recovery and crime prevention,” it said.
In another report, Chainalysis identified a network of 1,013 addresses linked to targeted approval phishing, starting with a smaller list of known approval phishing addresses associated with romance scam tactics.
Related: North Korea Uses Banned Nvidia GPUs to Supercharge Crypto Theft Efforts
The firm estimates that victims connected to the initial list, along with those identified through their unique transaction patterns, have lost around $1 billion to approval phishing scams since the dataset began in May 2021. While this $1 billion figure is based on observed on-chain patterns and may include funds already controlled by the scammers, it represents just the tip of a much larger problem. Romance scams are notoriously underreported.
Read More
- Cambodian Journalist Mech Dara Charged After Exposing Crypto Scams
- Snowden at Token 2049: Crypto’s Calcified, Billionaires Beware, and Solana? Just Memes and Scams!
- Over $31B Lost to Crypto Hacks and Scams in 13 Years – Analyst
GAIRIKA
Gairika is a cryptocurrency journalist with a focus on Bitcoin and blockchain technology.
