New wave of scam targets Ledger's customers. - page 2.

MeGold666

jr. member

Activity: 28

Merit: 37

I've always said it's safer to be a fish in the ocean than a shark in a tank.

Do yourself a favor and learn how to securely use an air-gapped PC. It takes about an hour for a total beginner to understand, and it's knowledge that will last a lifetime without needing to trust hardware wallet companies.

For small amounts, you can use your phone and Cake Wallet or whatever you prefer.

Phishing attacks are not the fault of hardware wallets, and if you're vulnerable to such threats, you'll get hacked anyway.
Just saying, having an old dedicated laptop is still safer than dealing with these companies.

Quote from: Lucius on October 17, 2024, 05:28:13 AM

...The database that leaked from Ledger is used constantly, and the fact that someone emphasized this news is nothing specific, because everything always boils down to the same thing.

The company said they would never store your information, yet they did. They lied, and people still trust them and their closed-source firmware. 😮
I may need to remind you: The whole cryptocurrency revolution is about being trustless, about not having to trust anyone, because trust is always abused.

Any software that is not open-source and not audited should not be trusted, not only in cryptocurrency but in general.

With hardware wallets (or any closed source projects), you're not the owner of the coins; you're the user, and the company behind it is the owner, controlling what happens inside that black box.

Floxynice

member

Activity: 108

Merit: 34

Quote from: satscraper on October 16, 2024, 01:42:19 AM

This time it is fraudulent "Ledger Clear Signing" chuck which urges customers to activate this feature to make Ledger wallet continuously working. Involved scammers disseminate this mock via emails which sets deadline October 31 after which ^{(as they said)} "users that failing to activate this feature will prevent them from using their devices securely." In fact, this email has a link that leads to a fishing site, the aim being to get sensitive info from users ^{("which can give scammers access to their cryptocurrency wallets')}.

Those, who still use Ledger wallets, be careful to not fall into this scam.

Thanks OP for this information

Quote from: Forsyth Jones on October 16, 2024, 01:19:25 PM

It's incredible how there are still people who fall for this kind of obvious scam, since the main purpose of every hardware wallet is to keep the mnemonic phrase protected on the device; it should never be entered in any online environment, such as typing on a computer keyboard.

Not everyone who have coins stored in wallets really understand how the wallets work. Some people who have very little education about wallets and how scammers operate will easily fall for these scams. Constant efforts in exposing these scam patterns just like OP has just done is what some people need to remain vigilant.

bitmover

legendary

Activity: 2352

Merit: 6089

bitcoindata.science

Quote from: Forsyth Jones on October 16, 2024, 01:19:25 PM

It's incredible how there are still people who fall for this kind of obvious scam, since the main purpose of every hardware wallet is to keep the mnemonic phrase protected on the device; it should never be entered in any online environment, such as typing on a computer keyboard.

I think those phising emails affects very few people, if any. Most users will just ignore them. Those doesn`t even appear in my inbox and go straight to spam.

The point is that sending an e-mail is basically free, and as they already have the data of potential victims, they will just keep sending them. If just one person clicks the bait, they make money....

m2017

legendary

Activity: 1792

Merit: 1296

Playbet.io - Crypto Casino and Sportsbook

Quote from: Charles-Tim on October 16, 2024, 03:47:55 AM

This can be somehow off-topic but it is still worth posting about. That it is better not to use Ledger devices anymore. Ledger Nano is now an online wallet that gives the option for people to save their seed phrase online with third parties. Not worth using anymore and not worth buying.

Of course, the best solution in light of the already formed negative public opinion in crypto community about the Ledger company would be to simply not use the ledger devices. But I believe that such incidents should be voiced in order to inform the community for preventive purposes. As a reminder of phishing, which is one of the most common ways to lose cryptocurrency.

At first glance, Ledger is not involved in the "Ledger Clear Signing", because scammers who send phishing letters are as old as the Internet itself. But there is one nuance, which is that these letters are sent to users of ledger devices on purpose, which is reminiscent of the previous leak of the client base of this company.

Lucius

legendary

Activity: 3234

Merit: 5637

Blackjack.fun-Free Raffle-Join&Win $50🎲

Quote from: Forsyth Jones on October 16, 2024, 01:19:25 PM

It's incredible how there are still people who fall for this kind of obvious scam, since the main purpose of every hardware wallet is to keep the mnemonic phrase protected on the device; it should never be entered in any online environment, such as typing on a computer keyboard.
~snip~

Why do you think there is a link between the fact that some scammers send such e-mails and the fact that there are still people who do not understand the correct way of using hardware wallets? The database that leaked from Ledger is used constantly, and the fact that someone emphasized this news is nothing specific, because everything always boils down to the same thing.

In addition, every seed generated by some HW is not only important to protect on the device itself in case it falls into the wrong hands or from possible remote attacks, but it should also be properly protected as a backup. The key feature of each HW is that it generates the seed offline in a secure environment, and that every action we perform on the same device must be physically confirmed by pressing a key/button.

Z-tight

legendary

Activity: 994

Merit: 1089

Thanks for sharing this. Since they launched the ledger recover feature, scammers decided to deceive naive customers with another so-called security feature called 'clear signing', lol, it is crazy and i seriously hope nobody fell for this bullshit. While it is obvious one shouldn't be using ledger anymore, it should be more obvious to anyone who uses a hardware wallet that this is a scam and that they should not click on the link.

Forsyth Jones

hero member

Activity: 1120

Merit: 540

Duelbits - Play for Free | Win for Real

It's incredible how there are still people who fall for this kind of obvious scam, since the main purpose of every hardware wallet is to keep the mnemonic phrase protected on the device; it should never be entered in any online environment, such as typing on a computer keyboard.

Some people have their first contact with bitcoin and altcoins through these devices and have no basic understanding of how the BIP-39 key derivation scheme works and the consequences, such as total loss of funds after exposing a seed online.

That's why these types of phishing still exist, because unfortunately they are making many victims. I'm afraid that people who have hardware wallets are the easiest to rob.

Quote from: Charles-Tim on October 16, 2024, 03:47:55 AM

This can be somehow off-topic but it is still worth posting about. That it is better not to use Ledger devices anymore. Ledger Nano is now an online wallet that gives the option for people to save their seed phrase online with third parties. Not worth using anymore and not worth buying.

As for your post, it’s really sad that Ledger has gone down this path.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Leading Crypto Sports Betting & Casino Platform

This can be somehow off-topic but it is still worth posting about. That it is better not to use Ledger devices anymore. Ledger Nano is now an online wallet that gives the option for people to save their seed phrase online with third parties. Not worth using anymore and not worth buying.

satscraper

hero member

Activity: 714

Merit: 1298

This time it is fraudulent "Ledger Clear Signing" chuck which urges customers to activate this feature to make Ledger wallet continuously working. Involved scammers disseminate this mock via emails which sets deadline October 31 after which ^{(as they said)} "users that failing to activate this feature will prevent them from using their devices securely." In fact, this email has a link that leads to a fishing site, the aim being to get sensitive info from users ^{("which can give scammers access to their cryptocurrency wallets')}.

Those, who still use Ledger wallets, be careful to not fall into this scam.

Topic: New wave of scam targets Ledger's customers. - page 2. (Read 377 times)