XRPLorer, a multi-purpose blockchain explorer of XRP Ledger, has reported another wave of phishing attacks on Ledger hardware wallet. Despite its reappearence only two weeks ago, it has already cost gullible XRP holders more than a quarter of a million U.S. dollars.
Ledger, not Lẹdger
In its recent tweet, the account XRPforensics, focused on due diligence and anti-scam activity in XRPL, admitted that XRP holders are increasingly falling victim to a blatant scam. It targets users of high-end hardware crypto wallet Ledger.
Analysts shared a screenshot of the fake Ledger website. Normally, it is a resource from which users download Ledger Live software updates for their gadgets.
However, scammers use the "ẹ" homoglyph instead of "e" in the website's domain name. Thus, users who tried to update the software were redirected to a phishing website. As a result, their keys and funds were at risk.
XRPLorer analysts ensured that all coins stolen by scammers will be tracked by their automated tools:
We will follow the money.
As covered by CryptoComes, this team helped the XRP user that had lost almost all of his holdings in June. XRPLorer assisted in tracking the funds, so his exchange found an opportunity to stop suspicious transactions.
Indicators of Ledger scam
It looks like the Ledger user base is undergoing massive phishing attacks. On Oct. 25, its users started receiving very strange SMS and email messages. It impersonated the Ledger support team and informed readers about an alleged data breach.
Users were asked to update their software as soon as possible. But all domains mentioned in these messages belonged to scammers.
The Ledger team released an official statement regarding these campaigns. They emphasized that Ledger never uses homoglyphs in its name and interacts with users only via email—not by SMS or phone call.