Compare Ledger wallets
The Battleground Against Phishing Attempts
Read the articleNever share the 24 words of your recovery phrase with anyone under any circumstances.
Even with Ledger or what you would think is coming from Ledger. Ledger and Ledger support will never ask for them. You should never enter your 24 words anywhere other than directly into your device.
#StopTheScammers
Ongoing phishing campaigns
Phishing attempts are targeting Ledger customers.
Phishing attacks are unfortunately an all too common threat when using the internet. This page aims to make a list of some examples of phishing attacks we have received at Ledger targeting our customers. If you have any doubts about the authenticity of a communication from Ledger, you can refer to the list below highlighting some recent phishing campaigns.
How to prevent being scammed from phishing?
Never validate a transaction on your Nano if you are not the author of this transaction.
Scammers will ask you to download a fake Ledger Live application that will trigger a transaction on your Nano. You must absolutely reject that transaction.
Ledger cannot and will not deactivate your device.
Some phishing attempts claim that Ledger will 'deactivate' or 'block' your device for KYC reasons. Ledger is not in a position to 'block' or 'deactivate' your device. Any request asking you to do this is an attempt to scam you.
Remember: A Ledger device is used for the purposes of self-custody. The nature of cryptocurrency accounts is such that there is no identity directly associated with any account.
Always make sure that you interact through Ledger’s official channels
Be cautious, fake domain names are sometimes very close with a subtle spelling difference such as “legder”, “leqder”, “ledqer”, “lèdger” or “ledgёr”
Please also be aware of what you may think is a ledger.com domain name but is in fact not!
See for example:
ledger.com-a42-encryption-m6-email.rg37-s8-smtp (dot) cloud
Authentic Ledger domain names are:
@ledger.fr
@ledger.com
@ledgerwallet.com
@ledger.zendesk.com
Please take a moment to review our help center article on this topic for more information related to legitimate Ledger domains, including both websites and email addresses.
Ledger will never contact you via text messages or phone call.
As soon as you receive a so-called Ledger communication via text message, WhatsApp, Telegram, phone call or postal letter, assume that it is a phishing attempt, report it as spam, and block the sender.
Ledger will also never prompt you to contact us via any method other than via our official support channels (our chat widget in the bottom-right corner here).
Ledger will only communicate via email and official social media channels:
On-going phishing campaigns
Top 5 scam campaigns targeting Ledger users
1. Malicious actors contacting Ledger users via phone calls. The key takeaway here is that Ledger will never contact users via phone call, for any reason. No matter how convincing the person may seem, always remember that there are no circumstances where it would be necessary to provide your 24 word recovery phrase. Any attempt to gain this secret information is an attempt to steal your funds.
With this tactic, the malicious actor may also open a legitimate support ticket using the victim’s email address. The user will then receive an official response from our support team, which gives the scammer more credibility when they make the call. If an unsolicited Ledger Support email is ever received, please respond back to let our team know that you did not initiate the request. And, if you’re on the phone with someone claiming to be from Ledger, immediately hang up and ignore further contact attempts.
This article will provide more information about this scam tactic:
Ledger Support Article
2. Fake Ledger Live application or website. This remains one of the most common scam tactics we see. Fake versions of Ledger Live can look extremely convincing at first glance. However, users who attempt to interact with one will inevitably receive a supposed “error message” accompanied by a request to input their 24 word recovery phrase. Of course, there is no real issue with the device, its memory, the firmware, etc. It is only an attempt to get the user to type their 24 word recovery phrase.
The only place to download the official Ledger Live application is directly from our website at https://www.ledger.com/ledger-live. Please refer to this article to see examples of some fake Ledger Live applications/websites we’ve encountered:
Ledger Support Article
3. Scam NFTs. This tactic involves a scammer depositing an NFT into a user’s wallet that contains a title intended to trick the user into believing they have won some sort of prize or giveaway. It will also include instructions to visit a specific website to claim the “reward”. NFTs of this nature should be treated the same as a spam email – don’t interact with them in any way. You can simply hide these from your portfolio in Ledger Live.
This article will provide some examples of common scam NFTs that are received, as well as instructions on how to properly handle them: Ledger Support Article
4. Malicious transactions. This tactic involves tricking the user into authorizing a transaction they did not intend, often through the manipulation of blind-signing. This is also normally the end-goal for the previous tactic involving scam NFTs.
Please exercise extreme caution whenever you connect to a decentralized application or website to sign a transaction, especially if that dApp/site requires the user to use blind-signing. You can learn more about the dangers of blind-signing here:
https://www.ledger.com/academy/cryptos-greatest-weakness-blind-signing-explained
This article will provide more information about the dangers of malicious transactions:
https://support.ledger.com/article/8397197967005-zd
5. Fake social media accounts posing as Ledger. Scammers constantly create fake profiles on social media platforms that can be very difficult to spot as a fake. One key thing to remember is that Ledger will never send users a direct message on social media. Any request to communicate via direct message on social media platforms should be considered a scam attempt.
On top of impersonating our official support accounts, scammers will often impersonate individuals who work at Ledger or have worked at Ledger in the past. These messages can be received as responses to your posts, and they will typically request for you to send them a direct message. They may also recommend to follow up with someone on another social media platform, such as linking an Instagram or Telegram account to contact.
For your security, please treat any message directing you to contact another person on social media, or any attempt to engage via direct message, as a scam attempt. Above all, always remember to never provide your 24 word recovery phrase to any person, no matter what.
Please refer to this article for a full list of our official support profiles on social media:
Ledger Support Article
Learn more about phishing campaigns
Anatomy of a Phishing Attack
Read the article
How to keep your crypto safe against scams
Read the articleWant to help us or report a phishing campaign?
If you think you have received a fake communication from a third party impersonating Ledger (phone call, email, or other), report it in detail to our dedicated phishing address.
If you want to report a fake X (Twitter) account impersonating Ledger or its employees, you can use this link.
Please also consider reporting the phishing or fraud attempt to the Federal Trade Commission. This can be done here.
If you have received a phishing attempt or if you are aware of an illegal website, please report it to Google Safebrowsing. The more we report these illegal websites to Google, the more difficult it will be for scammers to deceive our Ledger users.
Thank you for taking the time to report a phishing email. It will help us identify potential new phishing campaigns. All reports are carefully reviewed by our team but please note that we don’t send individualized responses. If your inquiry requires a response from Ledger, please contact our Customer Support directly.
Privacy notice for phishing report email: Ledger has a legitimate interest in collecting and processing your data to investigate your phishing report. Your information will be available to Ledger (and its technical providers) and will be retained for no longer than 6 months. Your data may be shared with law enforcement authorities for investigation purposes. If you do not wish that we share your information, please let us know.
Your information may be transferred to non-European countries that ensure an adequate level of protection, or under the standard contractual clauses adopted by the EU Commission or the Data Privacy Framework Program for providers located in the United States.
You may access your data and request their rectification or deletion. You may also request the limitation of the processing of your data. To exercise your rights or for any question on the processing of your data, please contact Ledger’s Data Protection Officer here. If nevertheless you believe Ledger did not adequately address your concerns and mishandled your data, you may lodge a complaint with the personal data protection authority of your country.