Hardware wallet manufacturer Ledger is investigating a new phishing attack targeting users over email.
- Users have received emails, written in a professional tone, saying that several “Ledger Live administrative servers had been infected with malware” and that their assets were at risk of being stolen
- Company officials have acknowledged the existence of a “continuous phishing scam” and have assembled an internal team to tackle the problem
- Twitter users began posting about the scam around October 25, with some community members ramping up their criticism of Ledger’s poor protection of user data
- Ledger experienced a data breach in June 2020, which resulted in over 1 million users having their emails exposed; a subset of 9500 customers also had their names, addresses, and ordered products exposed
- Users on Reddit have also revealed that they have received the email and expressed concern that many less vigilant Ledger owners would fall for the scam