The Battleground Against Phishing Attempts
Read the articleNever share the 24 words of your recovery phrase with anyone under any circumstances.
Even with Ledger or what you would think is coming from Ledger. Ledger will never ask for them. You should never enter your 24 words anywhere else than into your device.
#StopTheScammers
Ongoing phishing campaigns
Phishing attempts are targeting Ledger customers.
Phishing attacks are unfortunately an all too common threat when using the internet. This page aims to make a list of some examples of phishing attacks we have received at Ledger targeting our customers. If you have any doubts about the authenticity of a communication from Ledger, you can refer to the list below highlighting some recent phishing campaigns.
How to prevent being scammed from phishing?
Never validate a transaction on your Nano if you are not the author of this transaction.
Scammers will ask you to download a fake Ledger Live application that will trigger a transaction on your Nano. You must absolutely reject that transaction.
Ledger cannot and will not deactivate your device.
Some phishing attempts are pretending Ledger 'deactivate' or 'block' your device for KYC reasons. Ledger is not in a position to 'block' our 'deactivate' your device. Any request asking you to do this is bogus.
Never validate a transaction on your Nano if you are not the author of this transaction.
Scammers will ask you to download a fake Ledger Live application that will trigger a transaction on your Nano. You must absolutely reject that transaction.
Ledger cannot and will not deactivate your device.
Some phishing attempts are pretending Ledger 'deactivate' or 'block' your device for KYC reasons. Ledger is not in a position to 'block' our 'deactivate' your device. Any request asking you to do this is bogus.
On-going phishing campaigns
Top 5 scam campaigns targeting Ledger users
1. Malicious actors contacting Ledger users via phone calls. The key takeaway here is that Ledger will never contact users via phone call, for any reason. No matter how convincing the person may seem, always remember that there are no circumstances where it would be necessary to provide your 24 word recovery phrase. Any attempt to gain this secret information is an attempt to steal your funds.
With this tactic, the malicious actor may also open a legitimate support ticket using the victim’s email address. The user will then receive an official response from our support team, which gives the scammer more credibility when they make the call. If an unsolicited Ledger Support email is ever received, please respond back to let our team know that you did not initiate the request. And, if you’re on the phone with someone claiming to be from Ledger, immediately hang up and ignore further contact attempts.
This article will provide more information about this scam tactic:
Ledger Support Article
2. Fake Ledger Live application or website. This remains one of the most common scam tactics we see. Fake versions of Ledger Live can look extremely convincing at first glance. However, users who attempt to interact with one will inevitably receive a supposed “error message” accompanied by a request to input their 24 word recovery phrase. Of course, there is no real issue with the device, its memory, the firmware, etc. It is only an attempt to get the user to type their 24 word recovery phrase.
The only place to download the official Ledger Live application is directly from our website at https://www.ledger.com/ledger-live. Please refer to this article to see examples of some fake Ledger Live applications/websites we’ve encountered:
Ledger Support Article
3. Scam NFTs. This tactic involves a scammer depositing an NFT into a user’s wallet that contains a title intended to trick the user into believing they have won some sort of prize or giveaway. It will also include instructions to visit a specific website to claim the “reward”. NFTs of this nature should be treated the same as a spam email – don’t interact with them in any way. You can simply hide these from your portfolio in Ledger Live.
This article will provide some examples of common scam NFTs that are received, as well as instructions on how to properly handle them: Ledger Support Article
4. Malicious transactions. This tactic involves tricking the user into authorizing a transaction they did not intend, often through the manipulation of blind-signing. This is also normally the end-goal for the previous tactic involving scam NFTs.
Please exercise extreme caution whenever you connect to a decentralized application or website to sign a transaction, especially if that dApp/site requires the user to use blind-signing. You can learn more about the dangers of blind-signing here:
https://www.ledger.com/academy/cryptos-greatest-weakness-blind-signing-explained
This article will provide more information about the dangers of malicious transactions:
https://support.ledger.com/article/8397197967005-zd
5. Fake social media accounts posing as Ledger. Scammers constantly create fake profiles on social media platforms that can be very difficult to spot as a fake. One key thing to remember is that Ledger will never send users a direct message on social media. Any request to communicate via direct message on social media platforms should be considered a scam attempt.
On top of impersonating our official support accounts, scammers will often impersonate individuals who work at Ledger or have worked at Ledger in the past. These messages can be received as responses to your posts, and they will typically request for you to send them a direct message. They may also recommend to follow up with someone on another social media platform, such as linking an Instagram or Telegram account to contact.
For your security, please treat any message directing you to contact another person on social media, or any attempt to engage via direct message, as a scam attempt. Above all, always remember to never provide your 24 word recovery phrase to any person, no matter what.
Please refer to this article for a full list of our official support profiles on social media:
Ledger Support Article
Learn more about phishing campaigns
Anatomy of a Phishing Attack
Read the article
How to keep your crypto safe against scams
Read the articleWant to help us or report a phishing campaign?
If you have any doubt about the authenticity of the communication you received or the domain name or the sending address you received the communication from, you can always contact our Customer Support.
If you think you have received a fake communication from a third party impersonating Ledger, you can report it here.
If you want to report a fake X (Twitter) account impersonating Ledger or its employees, you can use this link.
NB: This will be reviewed by our team and help us flag more phishing examples on this page. However please note that there won’t be an individualised response to emails sent to this address. If your query requires a response from Ledger, please contact our Customer Support.
If you have received a phishing attempt or if you are aware of an illegal website, please report it to Google Safebrowsing. The more we report these illegal websites to Google, the more difficult it will be for scammers to deceive our Ledger users.