The thieves opened a new front against cryptocurrency users with fake letters delivered by regular Postal Mail that targeted those with -owned by ledger hardware wallets.
The misleading letters tell the recipients they need to confirm their private seed phrases for a “critical security update,” according to reports posted on Social Media Site X on April 29.
Physical letters indicate official communication
Tech Pundit Jacob Canfield the scam has no cover When he received such a letter at his home address. Scammers use the official Ledger logo and business address, and also a reference number to make it legitimate. It tells the recipients to scan a QR code and put in the private phrase of recovery of their purse, saying it will prove their device.
The letter uses pressure steps, threatening that “the failure to complete the required authentication process can lead to limited access to your purse and funds.”
Security professionals warn that anyone who does it is essentially surrendering the total control of their Cryptocurrency Assets in cybercriminals.
BREAKING: The new scam meta launched. Now they send physical letters to @Ledger Database Leak address requesting a 'upgrade' due to a security risk.
Be careful and warn any friends or family you know are in crypto and that's not Savvy. pic.twitter.com/xouagqbjxt
– Jacob Canfield (@jacobcanfield) April 28, 2025
Recovery Phrases: Keys to Crypto Kingdoms
A Seed phrase Or the recovery phrase is a list of up to 24 words that the master key in a cryptocurrency purse. Anyone who owns this phrase has complete control of the corresponding wallet and can send all funds to the other purse. These phrases are incredible -it is important for a target of scammers because of this.
The hardware wallet firm also confirmed that the letters are fake. Ledger issued the following statement after Canfield's post:
“Ledger will not call, dm [direct message]or request your 24-word recovery phrase. If this happens, it's a scam. “
The firm also warned customers against contact with accounts that present to be Ledger staff or anyone who provides aid in recovery of funding.
A seed phrase sample. Source: Unchained Capital.
Possible connection to previous data violation
The mail scam can be attributed to a significant security hack that occurred near five years ago. Hackers in July 2020 compromised the Ledger's database and announced personal details of more than 270,000 clients.
It is Not the first time Physical mail was used by criminals to target cryptocurrency users. In a 2021 Bleeping Computer report, many Ledger users reported receiving fake ledger devices in the mail. Fake devices are already programmed to i -Drop malware When plugged into a computer.
BTCUSD trading in the $95,158 region on the 24-hour chart: TradingView.com
The stolen data consists of names, phone numbers, and residence addresses – the data on which this mail scam can be made.
Canfield made this link in his social media announcement, pointing out that scammers seemed to target ledger users whose information was hacked into that violation.
The latest mail scam is a developmental development, a mix of conventional mail fraud with cryptocurrency theft techniques.
Security researchers recommend that those with -owned hardware wallets have that any legitimate company will not ask for recovery phrases under any circumstances, even if a message seems to be official.
Featured image from Joint Base San Antonio, Chart from TradingView
Editorial process For Bitcoinist centered on delivering thoroughly researched, accurate, and unbiased content. We promote strict sources of sourcing, and each page undergoes our team's enthusiastic examination of the leading technology experts and timely editors. This process ensures the integrity, relevance, and value of our content for our readers.
