Ledger, a high-end hardware cryptocurrency wallet, has been attacked by another series of phishing scams. The team behind the devices' production has released a manual on how to avoid falling victim to the malefactors.
Ledger scammers may know your first and last name
Ethereum (ETH) developer and former Metamask officer, Bruno Barbieri, has shared screenshots of SMS messages that he received from scammers. They impersonate the Ledger team and urge all users to update the software used by hardware wallets.
The message is sent to one's ordinary personal mobile phone number. Moreover, it uses a mysterious "Ledger Media" domain instead of Ledger's familiar website.
When clicking on the link in the message, the user is redirected to a well-designed copy of the Ledger site. However, its domain name uses a homoglyph with a strange character under the letter "e."
A few hours after the first attempt by scammers to redirect Barbieri to the fraudulent website, he received one more message from "Ledger Report." In both cases, the malefactors used his real first and last name.
Three tips to stay safe
The fact that scammers use a database with the names and phone numbers of Ledger users makes some crypto enthusiasts suspect that hackers may be benefitting from the data breach that Ledger disclosed earlier this year.
Ledger has released an official statement regarding this dangerous situation. It confirmed that phishing attacks are targeting users of Ledger and reiterated three basic rules of safe conduct when receiving communications from the wallet's team.
First of all, they stated, Ledger interacts with its customers only via email, so any texts or phone calls should be assumed to be phishing attempts. Then, crypto holders should note that Ledger uses a very limited range of email addresses to reach its customers:
The only two legitimate Ledger email addresses are hello@ledger.com and noreply@ledger.com, as well as our customer support ZenDesk email. Treat any other email address with caution.
Finally, the legitimate Ledger domain name has no dots or accents in its URL. As covered by CryptoComes previously, the malefactors increased their activity this October.