Aller vers la version française

#StopTheScammers

Ongoing phishing campaigns

Phishing attempts are targeting Ledger customers.

Phishing attacks are unfortunately an all too common threat when using the internet. This page aims to make a list of some examples of phishing attacks we have received at Ledger targeting our customers. If you have any doubts about the authenticity of a communication from Ledger, you can refer to the list below highlighting some recent phishing campaigns.

Phishing websites shutdown since October 22nd: 216

Never share the 24 words of your recovery phrase with anyone under any circumstances.

Even with Ledger or what you would think is coming from Ledger. Ledger will never ask for them. You should never enter your 24 words anywhere else than into your device.

How to prevent being scammed from phishing?

  

Never validate a transaction on your Nano if you are not the author of this transaction.

Scammers will ask you to download a fake Ledger Live application that will trigger a transaction on your Nano. You must absolutely reject that transaction.

  

Ledger cannot and will not deactivate your device.

Some phishing attempts are pretending Ledger 'deactivate' or 'block' your device for KYC reasons. Ledger is not in a position to 'block' or 'deactivate' your device. Any request asking you to do this is bogus.

  

Always make sure that you interact through Ledger’s official channels

Be cautious, fake domain names are sometimes very close with a subtle spelling difference such as "legder", "leqder", "ledqer", "lèdger" or "ledgёr".

Please also be aware of what you may think is a ledger.com domain name but is in fact not!
See for example: ledger.com-a42-encryption-m6-email.rg37-s8-smtp (dot) cloud

Authentic Ledger domain names are:
@ledger.fr
@ledger.com
@ledgerwallet.com
@ledger.zendesk.com

  

Ledger will never contact you via text messages or phone call.

As soon as you receive a so-called Ledger communication via text message, WhatsApp, Telegram, phone call or postal letter, assume that It is a phishing attempt, report it as spam, and block the sender.

Ledger will only communicate via email and official social media channels :

   twitter.com/ledger
   twitter.com/ledger_support
   facebook.com/ledger
   instagram.com/ledger

Ongoing phishing campaigns  

Latest update: January 15th, 2020




January, 14th, 2021



In this phishing email scammers are blackmailing: they are asking you to send some BTC in exchange for deleting your personal data.


January, 12th, 2021



The scammer is pretending to be working in a law firm in contact with Ledger. They are claiming that your data have been hacked and that Ledger has authorized them to send you a new Ledger device. In order to set up this new device, they are asking for your 24 words.


January, 2nd, 2021



This phishing email simulates a transaction that did not take place. Ledger will never contact you about your transactions.
This phishing email directs you to a fake website that mimicks Ledger Live and will ask for the 24 words of your recovery seed.


December 27th, 2020



This phishing email is asking you to install a security patch to fix vulnerabilities and keep your data secure. This redirect you to a website and ask you for your 24 words.
This email is not legit. Never share your 24 words.


December 24th, 2020



Scammers pretend to have collected personal information through a security breach such as compromising pictures, internet history or family contact information. They are asking you to pay in exchange for deleting these data.
This email is a scam. We do not have information such as files, pictures, internet history...


December 22nd, 2020



This phishing alert sends you to a fake website which asks you the 24 words of your recovery phrase.


December 22nd, 2020



Cette stratégie de hameçonnage consiste à menacer le client pour lui demander une rançon. Nous vous conseillons de ne pas répondre et de contacter la police locale pour porter plainte si vous vous sentez en danger.


December 22nd, 2020



This French text message claims that your funds are at risk, which is not true. It asks you to share the 24 words of your recovery phrase to solve security issues.
Your funds are not in danger, do not share your 24 words of your recovery phrase with anyone, Ledger will never ask you for them.

Ce SMS en Français prétend que vos fonds sont en danger depuis le vol de données e-commerce dont nous avons été victimes. C'est totalement faux. Cette attaque de hameçonnage vous demande de partager les 24 mots de votre recovery phrase pour remédier à des problèmes de sécurité.

Vos fonds ne sont pas en danger, ne partagez les 24 mots de votre recovery phrase avec personne, Ledger ne vous les demandera jamais.


December 22nd, 2020



This phishing email uses Ledger's data theft as a pretext, to trick you into giving out the 24 words of your recovery phrase.
This is not a legit email, your funds are not at risk despite the data breach.


December 21st, 2020



Scammers pretend to know your address and demand a ransom to not invade your home.

As you can see these are 'generic' threatening emails playing on your fear to steal your crypto assets.


December 9th, 2020



This scam pretends that due to new KYC rules, Ledger was obliged to deactivate your hardware wallet. First of all, It’s not possible, Ledger is not able to deactivate your Nano.

The link invites you to enter your recovery phrase for KYC purposes. Private keys / recovery phrase are not part of any KYC procedures.

Ledger is not an Exchange, you don’t need a KYC (Know Your Customer) procedure to use your Ledger Nano or Ledger Live.

Only the “buy” features on Ledger Live needs a KYC procedure.


December 6th, 2020



The phishing attempt claims there is an outgoing transaction being made to empty your wallet to encourage you to click on the cancel button. This is fake, Ledger is not able to know what you are doing with your Nano.

Then you would be invited to enter your recovery phrase in a fake version of Ledger Live to cancel the non existing transaction.

The scammers play on your legitimate fear (someone would have access to your accounts) to encourage you to give the 24 words of your recovery phrase.


December 5th, 2020



This phishing attempt pretends your hardware wallet has been deactivated, which is not technically possible.

The link invites you to enter your recovery phrase for KYC purposes. Private keys / recovery phrase are not part of any KYC procedures. The link provided by the scammers is not legitimate.

Ledger is not an Exchange, you don’t need a KYC (Know Your Customer) procedure to use your Ledger Nano or Ledger Live.

Only the “buy” feature on Ledger Live needs a KYC procedure.


December 4th, 2020



This phishing scam pretends that a security breach affects you and your funds are at risk to encourage you to download a fake version of the Ledger Live app.

This fake version of Ledger Live will ask that you enter your recovery phrase in order to fix a security issue that does not exist. There is no security breach that requires you to download a new version of the Ledger Live app, nor will the app ever ask you for your 24 word recovery phrase.

Learn more about phishing campaigns

The Battleground Against Phishing Attempts

Read the article

Anatomy of a Phishing Attack

Read the article

How to keep your crypto safe against scams

Read the article

Want to help us or report a phishing campaign?


If you have any doubt about the authenticity of the communication you received or the domain name or the sending address you received the communication from, you can always contact our Customer Support.



If you think you have received a fake communication from a third party impersonating Ledger, you can report it here.


NB: This will be reviewed by our team and help us flag more phishing examples on this page. However please note that there won’t be an individualised response to emails sent to this address. If your query requires a response from Ledger, please contact our Customer Support.


If you have received a phishing attempt or if you are aware of an illegal website, please report it to Google Safebrowsing. The more we report these illegal websites to Google, the more difficult it will be for scammers to deceive our Ledger users.