Ledger Users Receive Fake Devices in New Phishing Scam
Navigating the world of digital assets can some times be a dangerous feat. In addition to dealing with volatility and a continually rising tide of projects suspect in quality, there are a plethora of scams that take place. Popular hardware wallet maker, Ledger, has just seen its users become victims of one such scam, through the unsanctioned distribution of fake devices.
In this particular scam, crypto enthusiasts received in the mail what appeared to be brand new replacement devices for existing Ledger hardware wallets. The senders of these devices, which are completely fake, hope that unsuspecting users will load them up with assets, and provide their private keys – essentially handing control of their holdings over to the scammers.
In an attempt to make the scam look official, the senders have additionally sent a ‘letter from the CEO’, explaining that the new devices were issued as a security measure to ensure the safety of user’s funds.
The scam described above is known as ‘phishing’, and is one of the more prevalent scams in the world today. This involves scammers using various ploys in an attempt to steal data from unsuspecting individuals. Depending on the goals of the scammers, the stolen data may range from passport information to home addresses, credit card numbers, and often in the case of crypto enthusiasts – private keys.
Despite often being too lax about their online security, no one wants to be taken advantage of. Scammers recognize this, and regularly exploit this desire for safety. One of the most common means of phishing for information is to send letters/notices referencing a past account breach (which may or may not have occurred). The victim is then provided with a series of steps which need to be taken to re-secure their account by inputting new passwords, private keys, etc. – all of which is then sent to the scammers, giving full access to the data/funds which they seek.
A Past Lapse
The scam described here today was especially unscrupulous as it looked to further take advantage of individuals which had already been the victim of data theft.
Nearing the end of July, 2020, Ledger suffered a massive data breach in which 1 million clients saw their personal information stolen. While no one’s funds were stolen, this data (which included addresses, contact info, emails, etc.) was then later leaked to the public roughly 5 months after the initial event.
Of particular note is the theft of home addresses. Armed with this information, these scammers now look to victimize these individuals even further by sending out the fake devices described here today. This is alluded to in the aforementioned letter from the CEO included in the fake device boxes.
Despite this new scam plaguing Ledger, it remains one of the most popular companies among digital asset enthusiasts that are looking for a means to store their holdings. For those interested in learning about potential alternatives on the market, the following are a few top examples.
- CoolWallet S
- Trezor Model T
Protection through Knowledge
At the end of the day, the best way to protect oneself from become the victim of such scams is learn about how they occur. Only then can the proper steps be taken to avoid data breaches, theft of funds, etc.
In the past we have detailed various popular scams within the world of digital assets. To learn more about these, make sure to peruse our overview HERE.
Once knowledgeable on the types of scams out there, take the time to learn about a few companies which are working to prevent scams such as identity theft HERE.