Ledger Users Beware: Fake Letters Threaten Crypto Wallets with QR Code Scam
Scammers target Ledger users with fake letters demanding seed phrases via QR codes. Stay safe—don’t scan! Learn more!
Ledger hardware wallet users are under attack from a new phishing scam involving physical letters, as confirmed by multiple sources, including posts on X and Cointelegraph. Reported on April 30, 2025, these fraudulent letters pose as official Ledger communications, urging users to scan QR codes for “critical security updates.” Here’s what new crypto investors need to know to stay safe.
What’s Happening?
Scammers are mailing letters to Ledger users’ home addresses, claiming a security breach requires immediate action. The letters instruct users to scan a QR code and enter their 24-word recovery phrase on a fake website mimicking Ledger’s platform. Ledger has publicly declared these letters fraudulent, emphasizing that they never request recovery phrases. This follows earlier email-based phishing campaigns, like one in December 2024, which stole $484,000 in crypto assets.
Scammers are mailing letters to Ledger users’ home addresses, claiming a security breach requires immediate action. The letters instruct users to scan a QR code and enter their 24-word recovery phrase on a fake website mimicking Ledger’s platform. Ledger has publicly declared these letters fraudulent, emphasizing that they never request recovery phrases. This follows earlier email-based phishing campaigns, like one in December 2024, which stole $484,000 in crypto assets.
Why It Matters
Ledger wallets secure billions in cryptocurrency, making them prime targets. Sharing a recovery phrase hands scammers full control of your wallet, leading to irreversible losses. The use of physical mail escalates the threat, exploiting trust in traditional communication. With crypto scams surging—$46 million lost to phishing in September 2024 alone—this highlights the need for vigilance. The scam’s sophistication, possibly leveraging past data breaches, raises concerns about user privacy.
Ledger wallets secure billions in cryptocurrency, making them prime targets. Sharing a recovery phrase hands scammers full control of your wallet, leading to irreversible losses. The use of physical mail escalates the threat, exploiting trust in traditional communication. With crypto scams surging—$46 million lost to phishing in September 2024 alone—this highlights the need for vigilance. The scam’s sophistication, possibly leveraging past data breaches, raises concerns about user privacy.
What Should You Do?
Never share your recovery phrase or scan unsolicited QR codes. Verify communications directly on Ledger’s official website (ledger.com) or Ledger Live app. Report suspicious letters to Ledger’s support and local authorities. New investors should store recovery phrases offline and double-check website URLs before interacting.
Never share your recovery phrase or scan unsolicited QR codes. Verify communications directly on Ledger’s official website (ledger.com) or Ledger Live app. Report suspicious letters to Ledger’s support and local authorities. New investors should store recovery phrases offline and double-check website URLs before interacting.
What’s your take on this alarming scam? Comment below and follow us for more crypto safety tips!
NOTICE:
The information provided on trafy.io does not constitute investment advice or recommendations. All investment and trading activities involve risks, and readers are advised to conduct their own research before making decisions.
NOTICE:
The information provided on trafy.io does not constitute investment advice or recommendations. All investment and trading activities involve risks, and readers are advised to conduct their own research before making decisions.
