- Ledger users receive scam letters, urging them to reveal their 24-word recovery seed phrases.
- To appear legitimate, the scam letters used Ledger’s branding and a reference number.
- Ledger emphasized that it never contacts users via mail or requests sensitive information.
A new phishing campaign is targeting Ledger hardware wallet users using an unexpected physical mail. Scammers have begun sending fraudulent letters to Ledger users, urging them to visit a fake website and enter their recovery seed phrases.
The letter was professionally crafted to appear legitimate and not raise any alarms. It uses Ledger’s branding, includes a reference number, and warns of a supposed critical security risk. It instructs users to scan a QR code to “validate” their wallets by inputting their 24-word recovery phrase.
Jacob Canfield, a tech analyst, revealed the scam in an April 29 post on X. He shared an image of the letter he received and warned the community to stay alert. Ledger quickly confirmed the letter as a scam, responding that the company never asks its users for recovery phrases by any method.
Ledger emphasized that it does not contact users by mail for device security updates or verification. Further, it reminded users to avoid calls, messages, or emails asking for sensitive wallet information. Notably, the scam appeared to target victims of a known data breach. In July 2020, over 270,000 customer records were leaked from Ledger’s database. The breach exposed names, phone numbers, and addresses. It is speculated that this information is now being used to deliver the scam letters.
In 2021, Ledger users also reported receiving tampered hardware devices in the mail. These were modified to install malware when plugged in. This earlier incident bears similarities to the current scam, which also uses physical access points to steal digital assets. Canfield warned that this phishing method could trap unsuspecting or less tech-savvy users and encouraged the crypto community to warn their friends and family using Ledger wallets.
Related: India’s Best Crypto Wallets In 2025
Ledger stated that it is actively working to block phishing accounts across platforms, but noted that scammers continue to impersonate its support staff and brand. Further, it reinstated that users should rely only on Ledger’s official website and support channels for help.
Further, it was stated that the scam letters threatened users of restricting their access to funds if they fail to comply with the instructions. However, experts stated that it was a psychological tactic meant to create panic and lower users’ defenses.
As the campaign spreads, users are urged to treat all unsolicited communications with suspicion, especially those requesting sensitive wallet information. Ledger has reiterated that as long as users keep their seed phrases private, their assets would remain safe.
