For those not aware; earlier this year ledger website was hacked, exposing sensitive details of a number of users to a malicious third party - https://news.bitcoin.com/crypto-hardware-wallet-firm-ledger-hacked-one-million-customer-emails-exposed/ The breach was solved, but the information were already exposed, those details are now being used to carry out personalized phishing attempts.
I could not find any news about the affected users being messaged and warned of their data leak inorder for them to take precaution and disregard any unsolicited messages, as some of them could have likely missed the publication. I assumed this would be safe practice to protect victims of the hack.
Topic: Ledger SMS phishing campaign - new attempt, not too subtle - page 2. (Read 473 times)
Carry on phishing attempts after data breach..
Some Ledger customers have started to receive today a new phishing SMS, with the following pretext (or similar) (*):
The URL takes you to a fake Ledger site, where, once you select your model, it asks you to plug-in your device. No real need to though. It then leads you on to the following screen:
No need to say what will happen if anyone proceeds to provide the above information...
See: https://www.reddit.com/r/ledgerwallet/comments/k2tb69/unknown_withdrawal_request_sms/
(*) I have not seen any prior message on the forum reporting this specific URL provided in the received SMS.
Some Ledger customers have started to receive today a new phishing SMS, with the following pretext (or similar) (*):
Code:
Name Surname Withdrawl request from new Device (IP China, Macau).
Edit or Cancel details: ledger[dot]com-device[dot]id73457[dot]app/activity
The Id does not seem to be unique per recipient, as I’ve seen a couple of different people receive the same message (and played round with the URL to see it another number led to the site).Edit or Cancel details: ledger[dot]com-device[dot]id73457[dot]app/activity
The URL takes you to a fake Ledger site, where, once you select your model, it asks you to plug-in your device. No real need to though. It then leads you on to the following screen:
No need to say what will happen if anyone proceeds to provide the above information...
See: https://www.reddit.com/r/ledgerwallet/comments/k2tb69/unknown_withdrawal_request_sms/
(*) I have not seen any prior message on the forum reporting this specific URL provided in the received SMS.
Jump to: