Michaela
Hardware wallet manufacturer Ledger has emerged as the latest target for scammers, who are sending counterfeit letters via traditional mail to cryptocurrency holders, falsely urging them to verify their wallets or face the potential loss of access to their funds.
The phishing scheme first came to light after BitGo CEO Mike Belshe raised the alarm in a post on X, sharing an image of the deceptive letter. The document reportedly featured a QR code, which may redirect unsuspecting users to a malicious site aimed at harvesting private keys.
“This is a phishing attempt through the US Post Office,” wrote BitGo CEO Mike Belshe. The fraudulent Ledger letter, with the subject line “Mandatory Wallet Validation,” emphasized the supposed need for wallet verification, describing it as a “critical security measure to ensure the continued safety and integrity of your funds.”
The letter proceeded to provide detailed instructions for users to “validate” their wallets, directing them to scan a QR code and input a reference number included in the message. It also listed a website as an alternative method for completing the process in case the QR code was inaccessible.
Belshe’s post sparked significant concern within the crypto community. One user linked this physical phishing attempt to recent data breaches, specifically citing the recent Coinbase data leak as a potential source.
Earlier this month, Coinbase dismissed multiple customer support agents in India amid allegations of their involvement in a social engineering operation that enabled unauthorized access to user accounts.
Coinbase disclosed that the attackers aimed to create a list of customers they could impersonate to deceive and convince victims to relinquish their cryptocurrency holdings. Following the operation, the perpetrators reportedly sought to extort $20 million from Coinbase in exchange for remaining silent about the breach, a demand the company declined to meet.
Additionally, the crypto exchange confirmed that the data breach compromised sensitive customer information such as names, addresses, phone numbers, email addresses, partially masked Social Security numbers (last four digits), masked bank account details, and images of government-issued IDs including driver’s licenses and passports.
Furthermore, the U.S. Department of Justice (DOJ) has initiated an investigation into the incident.
Read More
- Ledger Wallet Users Targeted in Phishing Scheme to Activate Fake ‘Clear Signing’ Feature
- Binance and Kraken Thwart Coinbase-Style Phishing Attacks
- Coinbase Users Lose $65M in Phishing Scams Amid Security Failures
Michaela has no crypto positions and does not hold any crypto assets. This article is provided for informational purposes only and should not be construed as financial advice. The Shib Magazine and The Shib Daily are the official media and publications of the Shiba Inu cryptocurrency project. Readers are encouraged to conduct their own research and consult with a qualified financial adviser before making any investment decisions.
