BMClogo
BMCLogo

Ledger scams are sending letters to steal seed phrases

by | Apr 30, 2025 | Crypto | 0 comments

f ba fd af bd jpeg

The scammers are mailing physical letters to the owner of the Ledger Crypto hardware wallet, asking them to verify their private seed phrases in order to access the wallet to clean up the wallet.

In an April 29 X post, tech commentator Jacob Canfield shared the scam sent to his home via post, which appears to be from Ledger, claiming that he needs to make “critical security updates” immediately on his device.

The letter uses the Ledger logo, business address and a reference number to pretend legitimacy, requires scanning of the QR code and enter the private recovery phrase of the wallet with the obligation to verify the device.

“Failure to complete this mandatory verification process may lead to restrictions on access to your wallet and funds,” the letter threatened.

source: Jacob Canfield

Seed phrases or recovery phrases are strings of up to 24 words that unlock access to encrypted wallets. Scammers with phrases can access and control the associated wallets to transfer their collections elsewhere.

Earlier this month, the X account of the crypto hardware wallet dealer said it also received reports from multiple ledger users with similar letters.

In response to Canfield’s post, Ledger said the letter was a scam and warned its device users to be alert to phishing attempts.

Related: Ledger Wallet User Reports 10 BTC Loss – Community Guided Phishing

It adds: “Ledger will never call, DM (direct message) or ask for your 24-word recovery phrase. If someone does this, it’s a scam.”

“Please do not interact with the account of anyone claiming to be a ledger employee or who provides help with recovering funds.”

Not sure if the data leak is connected to the ledger

Canfield suggests that scammers are sending letters to ledger customers who leaked data about five years ago.

In July 2020, a hacker violated the ledger’s database and discarded personal information from more than 270,000 customers online, including names, phone numbers and home addresses.

The following year, some ledger users claimed to have been mailed to fake ledger devices that were tampered with and designed to install malware, which was then easy to use computers.

Magazine: Your AI “Digital Twin” can attend meetings and comfort your loved ones