Author

Topic: [Warning] Fake Ledger wallet update email with phishing link. (Read 269 times)

hero member
Activity: 1876
Merit: 721
Top Crypto Casino
Most of the emails recently now have their filtering of emails and messages come from suspicious senders its ideal if we use this feature to prevent this kind of phishing, and it is better if we have a spare email for transitions and other emails for personal use its not ideal to use the same email at the same time to prevent this happen if we know that this particular email have a tons of accounts and password connected preventing those getting comprised. Don't entertain too much an email if you didn't make a transaction to prevent getting victim on these things.
Because of the fake offer emails I was forced to not use those emails for any important work. So I now use a separate email for important work that hasn't been leaked yet. So yes it is important to keep multiple emails to protect yourself from such traps. The email I got this fake link of ledger wallet is my separate email because I use it for other places including promotional events. It is very risky to use the same email everywhere, as crypto users can fall victim to such traps at any time due to a little carelessness. Sometimes even experienced crypto users fall into the trap due to a little carelessness.
legendary
Activity: 1722
Merit: 5937
It's good if it was your secondary email, it's easy to replace it. But if you used it as your main email with all your contacts, work emails, important sign ups and etc, then it's a bit more problematic to start everything from scratch.
Well, I do hope that people (or at least not many of them) weren't so reckless to use their business email for anything crypto related (I know I don't).

My email that got exposed was the main crypto one though and it was a pain in the ass to change it, but I'll rather went through that than being constantly spammed with all sorts of scams.

legendary
Activity: 1708
Merit: 1280
Top Crypto Casino
Most of the emails recently now have their filtering of emails and messages come from suspicious senders its ideal if we use this feature to prevent this kind of phishing, and it is better if we have a spare email for transitions and other emails for personal use its not ideal to use the same email at the same time to prevent this happen if we know that this particular email have a tons of accounts and password connected preventing those getting comprised. Don't entertain too much an email if you didn't make a transaction to prevent getting victim on these things.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
~snip~
I'm getting such kind of emails often, but I barely notice it because almost always it goes to spam folder. Often even legit messages from Ledger goes there Cheesy.


From my personal experience, approximately 90% of such e-mails went directly to the spam folder, and I marked all those that arrived in the inbox as spam, including those e-mails that came directly from Ledger. I don't understand why it would be a problem if someone receives 100 spam messages a day, most of which end up in the spam folder, I neither read them nor am I interested.

If it's minor issue, I'm wondering what would be serious problem for them. I hate when companies trying to pretend that everything is fine when everything is just burning and they think that their customers are fools who don't understand what's going on. Sometimes I think that it would be better to send message and admit "Yes, we f*cked up"

If you have ever met people in your life who always think they are right and minimize their every mistake, no matter how big it was and had a negative impact on people, then you understand what kind of people were or still are at the head of that company. It is simply better not to deal with such people, and luckily there are alternatives that are more than adequate replacements.
legendary
Activity: 1890
Merit: 1537
It's good that you posted this topic here on the beginners' board, as there might be newcomers in the field who trust email messages blindly, thinking that fake and scam messages might only be transferred to the spam folder. However, these scam messages might also appear in the inbox. Therefore, before anyone rushes to click on any link in the received emails, they should verify the sender's email and confirm the authenticity of the message from official accounts on social media, whether it's for Ledger wallet or any other hardware wallet. It's better to avoid clicking on any links in suspicious emails or downloading any files or documents. Instead, rely on accessing official websites directly. Also, it's advisable not to use the primary email for all websites and exchanges, and avoid showing it publicly.
legendary
Activity: 3234
Merit: 1375
Slava Ukraini!
Those who got their email exposed via infamous Ledger database leak should have got rid off those emails as soon as it happened. At least that's what I did after the leak and when I started getting those phishing emails. Problem solved.  Wink
It's good if it was your secondary email, it's easy to replace it. But if you used it as your main email with all your contacts, work emails, important sign ups and etc, then it's a bit more problematic to start everything from scratch.
I'm getting such kind of emails often, but I barely notice it because almost always it goes to spam folder. Often even legit messages from Ledger goes there Cheesy.

But their CEO Pascal (lord of the rings) claimed not so long ago that this is not a problem and that most users did not even notice it.
If it's minor issue, I'm wondering what would be serious problem for them. I hate when companies trying to pretend that everything is fine when everything is just burning and they think that their customers are fools who don't understand what's going on. Sometimes I think that it would be better to send message and admit "Yes, we f*cked up"
tyz
legendary
Activity: 3360
Merit: 1533
And the email I received it on is the email I used once on the Ledger wallet website to participate in a promotional event.

It is not necessary that the email comes from the promotion campaign. As is known, Ledger was hacked some time ago and the data of the users who had ordered from Ledger was stolen, including the email addresses. Therefore, phishing mails that explicitly target Ledger customers are not uncommon. There was a complaining post here some time ago of a user, because he receives phishing mails targeting Ledger almost daily.
legendary
Activity: 1722
Merit: 5937
I mostly agree with you, but if you have an email that has been leaked through the Ledger email database leak, it's pretty much a lost cause; and I'm telling this from experience — you're simply just going to get everything thrown at you.
Those who got their email exposed via infamous Ledger database leak should have got rid off those emails as soon as it happened. At least that's what I did after the leak and when I started getting those phishing emails. Problem solved.  Wink
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
If you use an e-mail that has good spam detection, most of such messages will go to the spam folder anyway, where they will be automatically deleted after some time. For those messages that still make it into the inbox, you should simply mark them as spam and in that way help other users not receive them in the inbox.

I'm not sure if there are certain words that can be added to spam filters in some e-mails so that you practically prohibit receiving e-mails that contain content that we are not interested in. For someone who does not own a Ledger or some other HW, I see no reason to receive any e-mails related to the same, especially if it is possible phishing/malware links.

I mostly agree with you, but if you have an email that has been leaked through the Ledger email database leak, it's pretty much a lost cause; and I'm telling this from experience — you're simply just going to get everything thrown at you.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
I received an email to update Ledger wallet, but basically it is a fake email and the purpose of this email is phishing attack. And the email I received it on is the email I used once on the Ledger wallet website to participate in a promotional event.
Have you ever checked your email address with https://haveibeenpwned.com/ ?

It's possibly that your email will be marked as pwned.

I don't use Ledger wallet and don't know their condition to join Ledger promotional event, it's helpful if you share that is it opened for everyone or is it restricted to Ledger users only.

Because if it is opened for everyone, and you want to join it, you must use your throw away email or not important email to join events. If you use your main email to join events around many platforms, you expose yourself to many potential risk.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
~snip~
Also: if you've been getting a lot of scam emails, it's a sign that you need to change email addresses.


If you use an e-mail that has good spam detection, most of such messages will go to the spam folder anyway, where they will be automatically deleted after some time. For those messages that still make it into the inbox, you should simply mark them as spam and in that way help other users not receive them in the inbox.

I'm not sure if there are certain words that can be added to spam filters in some e-mails so that you practically prohibit receiving e-mails that contain content that we are not interested in. For someone who does not own a Ledger or some other HW, I see no reason to receive any e-mails related to the same, especially if it is possible phishing/malware links.
hero member
Activity: 462
Merit: 767
Instant cryptocurrency exchange with own reserves!
Since Ledger Wallet announced the possibility of sharing email with third parties, it was better to use a temporary email with all of their services.

How would a user know that the emails and data were compromised? Ledger Wallet announced the possibility of sharing emails with third parties once they were already compromised. That means the users already registered with their email. How they would know that the ledger could be hacked and they should use a temporary email? Old ledger wallet users already abandoning their wallets.

For new users who are looking for a hardware wallet, I don't think people would choose a ledger wallet after all those sagas. There was too much controversy about their services. There is no reason someone would still use ledger wallet after knowing all these things.
legendary
Activity: 1932
Merit: 2354
The Alliance Of Bitcointalk Translators - ENG>SPA
I agree that their data leak a couple of years ago was very disappointing, and that recovery service is far from the idea hodlers have about holding one's keys oneself and being our own bank. But why the advice to stop using Ledger devices? as long as you use them the way you should, I still think they are good products.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Hackers/scammers will ALWAYS be making schemes or ways of tricking people because hacking hardware wallets is where they'll likely get high amounts of stolen funds. This(and scams in general) won't change as long as humanity exists.

Also: if you've been getting a lot of scam emails, it's a sign that you need to change email addresses.
hero member
Activity: 406
Merit: 443
Since Ledger Wallet announced the possibility of sharing email with third parties, it was better to use a temporary email with all of their services. Having your data reach a third party will increase the possibility of it being leaked, hacked, or sold without there being a legal issue for Ledger.
There is no real benefit to using a personal email with their services, and it is best to stop using their hardware wallets.
hero member
Activity: 952
Merit: 555
Once again Ledger is in the limelight for a wrong reason again. I think the last connectkit saga or let me say hackers definitely got some information from ledger and they are definitely using it. The thing is ledger themselves are aware of this phishing scam because they issued a warning against email scams. Maybe it’s time to finally ditch them for good.

I can't just believe the way things have just changed with the use of this hardware wallet called ledger, once it was well recommended, but now it's no longer trusted for use because of this kind of experiences and the trust level with the use of this wallet, when there's no privacy anymore secured with ledger, data bridge and many loophole has been used to ruin the acceptability of this wallet, thanks for sharing all this piece of informations.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
I received an email to update Ledger wallet, but basically it is a fake email and the purpose of this email is phishing attack. And the email I received it on is the email I used once on the Ledger wallet website to participate in a promotional event. That means the data that was leaked from the Ledger wallet website is now being used by hackers to target Ledger wallet users.
~snip~


This is nothing new, the Ledger database was hacked a few years ago and it is not only about e-mails, but also about 300 000 of their users where all the data (name, surname, address and phone number) was leaked. But their CEO Pascal (lord of the rings) claimed not so long ago that this is not a problem and that most users did not even notice it.

Those who only receive phishing emails should consider themselves lucky, the rest can never rule out the possibility that they will become victims of even a physical attack.
sr. member
Activity: 588
Merit: 338
Once again Ledger is in the limelight for a wrong reason again. I think the last connectkit saga or let me say hackers definitely got some information from ledger and they are definitely using it. The thing is ledger themselves are aware of this phishing scam because they issued a warning against email scams. Maybe it’s time to finally ditch them for good.


Crypto related hacks are a normal trends now, it's not surprising that you'd wake up to hear that an exchange or wallet has been hacked, hackers are not resting in upgrading their tactics, neither should we relent in being security conscious regarding any affairs on the internet. As this ledger email hack has come up to limelight again, it'll be very important for it's users to diligently verify and be sure of authenticity of information before clicking anything to avoid scams.
sr. member
Activity: 658
Merit: 441
Thank you for the info. Since ledger announced plans to dish out a cloud-based private keys backup service, all has never been the same with hardware wallet giant. It has been making the headlines for the wrong reasons. The wounds from the GitHub library exploitation is still fresh in the hearts of many, now there's a security breach of customers email and there's the tendency that some unsuspecting persons might take the bait. Ledger really socks at security.
sr. member
Activity: 700
Merit: 470
Hope Jeremiah 17vs7
Once again Ledger is in the limelight for a wrong reason again. I think the last connectkit saga or let me say hackers definitely got some information from ledger and they are definitely using it. The thing is ledger themselves are aware of this phishing scam because they issued a warning against email scams. Maybe it’s time to finally ditch them for good.
I guess this is not their first data breach because Its seems like I saw something on their website last year. Good thing I never had anything with them and there have always been advice against using ledger here.

Most(if not all) CEX usually makes this same statement I guess I won't be wrong believing they have also suffered a data breach.
hero member
Activity: 3038
Merit: 634
Many of these emails will never be gone as it's like a database of the hacker or the phisher that keeps on collecting more emails of people and then will send it again soon.

The reminder has always been displayed on Ledger's website at the top of the page.

Beware of phishing attacks, Ledger will never ask for the 24 words of your recovery phrase. Never share them.

#StopTheScammers
Ongoing phishing campaigns

What I just don't like with this reminder in the latter is that at top of it, they're reminding people about the ledger recover, duh.
hero member
Activity: 1876
Merit: 721
Top Crypto Casino
Once again Ledger is in the limelight for a wrong reason again. I think the last connectkit saga or let me say hackers definitely got some information from ledger and they are definitely using it. The thing is ledger themselves are aware of this phishing scam because they issued a warning against email scams. Maybe it’s time to finally ditch them for good.
The situation is getting worse and users' personal information is being leaked to hackers which is really a concern. Hackers either sell this information or hackers themselves use it to target crypto users. I am getting fake Ledger wallet update emails daily now they have flooded my email, which means hackers are now using this trend to scam. Ledger wallet data leak incidents are already happening, so Ledger wallet authorities should be more careful about keeping users' data safe.
hero member
Activity: 868
Merit: 952
Once again Ledger is in the limelight for a wrong reason again. I think the last connectkit saga or let me say hackers definitely got some information from ledger and they are definitely using it. The thing is ledger themselves are aware of this phishing scam because they issued a warning against email scams. Maybe it’s time to finally ditch them for good.

hero member
Activity: 1876
Merit: 721
Top Crypto Casino
I received an email to update Ledger wallet, but basically it is a fake email and the purpose of this email is phishing attack. And the email I received it on is the email I used once on the Ledger wallet website to participate in a promotional event. That means the data that was leaked from the Ledger wallet website is now being used by hackers to target Ledger wallet users. So if someone has received such an email then do not click on the link attached to this email, scammers have added Malicious to this email. They are now actively continuing these activities. So everyone should be careful now they are on big mission even they are trying to take control of crypto users devices.




Virustotal : https://www.virustotal.com/gui/url/4d63b402f1d47ee4b4b6f261fae36e1e3fad593de532313ede4086f8b1eaf3cb/detection

Jump to: