{"id":24641,"date":"2025-05-01T07:01:37","date_gmt":"2025-05-01T07:01:37","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=24641"},"modified":"2025-05-01T07:01:37","modified_gmt":"2025-05-01T07:01:37","slug":"crypto-fraud-goes-postal-ledger-customers-hit-by-seed-phrase-scam","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=24641","title":{"rendered":"Crypto Fraud Goes Postal: Ledger Customers Hit By Seed Phrase Scam"},"content":{"rendered":"
\n

Thieves have opened a new front against cryptocurrency users with fake letters delivered by regular postal mail targeting owners of Ledger hardware wallets.<\/p>\n

The letters misleadingly tell recipients they need to confirm their private seed phrases for a \u201ccritical security update,\u201d according to reports posted on social media site X on April 29.<\/p>\n

Physical Letters Impersonate Official Communications<\/h2>\n

Tech pundit Jacob Canfield uncovered the scam<\/a> when he received such a letter to his home address. The scammers use Ledger\u2019s official logo and business address, and also a reference number to make it look legitimate. It tells the recipients to scan a QR code and input their wallet\u2019s private recovery phrase, stating that this will authenticate their device.<\/p>\n

The letter uses pressure measures, threatening that \u201cfailure to complete this required validation process may lead to limited access to your wallet and funds.\u201d<\/p>\n

Security professionals caution that anyone who does this would be essentially surrendering total control of their cryptocurrency<\/a> assets to cybercriminals.<\/p>\n

\n

Breaking: New scam meta launched. Now they\u2019re sending physical letters to the @Ledger<\/a> addresses database leak requesting an \u2018upgrade\u2019 due to a security risk.<\/p>\n

Be very cautious and warn any friends or family that you know is in crypto and is not that savvy. pic.twitter.com\/XoUAGQBJXt<\/a><\/p>\n

\u2014 Jacob Canfield (@JacobCanfield) April 28, 2025<\/a><\/p>\n<\/blockquote>\n

Recovery Phrases: Keys To Crypto Kingdoms<\/h2>\n

A seed phrase<\/a> or recovery phrase is a list of up to 24 words that is the master key to a cryptocurrency wallet. Whoever comes into possession of this phrase has complete control of the corresponding wallet and is able to send all the funds to other wallets. These phrases are incredibly valuable for a target of scammers because of it.<\/p>\n

The hardware wallet firm also confirmed the letters were fake. Ledger issued the following statement after Canfield\u2019s post:<\/p>\n

\u201cLedger will never call, DM [direct message], or request your 24-word recovery phrase. If it happens, it\u2019s a scam.\u201d<\/em><\/p>\n

The firm also warned customers against interacting with accounts purporting to be Ledger<\/a> staff or anyone that provides assistance with fund recovery.<\/p>\n

\"\"<\/p>\n

Possible Connection To Previous Data Breach<\/p>\n

The mail scam can be linked to a significant security hack that occurred close to five years back. Hackers in July 2020 compromised Ledger\u2019s database and revealed the personal details of over 270,000 clients.<\/p>\n

This is not the first time<\/a> physical mail has been used by criminals to target users of cryptocurrency. In a 2021 Bleeping Computer report, several Ledger users reported receiving fake Ledger devices in the mail. Those fake devices were programmed to drop malware<\/a> when plugged into a computer.<\/p>\n

<\/p>\n

The stolen data comprised names, phone numbers, and residence addresses \u2013 data through which this mail scam would be feasible.<\/p>\n

Canfield made this link in his social media announcement, pointing out that scammers seem to be targeting Ledger users whose information was hacked in that breach.<\/p>\n

The most recent mail scam is a development in strategy, a mix of conventional mail fraud with cryptocurrency theft strategies.<\/p>\n

Security researchers recommend that the owners of hardware wallets keep in mind that any legitimate firm will never request recovery phrases under any circumstances, even if a message appears to be official.<\/p>\n

Featured image from Joint Base San Antonio, chart from TradingView<\/em><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Thieves have opened a new front against cryptocurrency users with fake letters delivered by regular postal mail targeting owners of Ledger hardware wallets. The letters misleadingly tell recipients they need to confirm their private seed phrases for a \u201ccritical security update,\u201d according to reports posted on social media site X on April 29. Physical Letters […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-24641","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/24641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=24641"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/24641\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=24641"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=24641"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=24641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}