Scam Emails Target Ledger Users with Fake ‘Ledger Clear Signing’ Feature

Scam Emails Target Ledger Users with Fake ‘Ledger Clear Signing’ Feature

A fresh wave of phishing emails is specifically targeting users of Ledger hardware wallets in a bid to steal their cryptocurrencies. These fraudulent messages aim to trick users into activating a non-existent security feature known as “Ledger Clear Signing,” which scammers assert is essential for the continued operation of Ledger devices.

The phishing effort has a deadline of October 31, warning users that failing to enable this feature will compromise the security of their devices.

Phishing Emails Direct Users to Malicious Website

The deceptive emails do not originate from official Ledger email addresses. Instead, they contain a malicious link leading users to a counterfeit website. The phishing message states, “To continue using your Ledger device securely, activating Clear Signing is mandatory starting November 1, 2024. This feature is crucial for protecting your assets from increasingly sophisticated phishing attacks and fraudulent activities.”

These phishing schemes aim to trick victims into revealing sensitive details such as private keys or passwords, enabling scammers to access their cryptocurrency wallets. In this instance, the intention is to mislead users into clicking on a link that provides access to their Ledger wallet, thus allowing attackers to drain their crypto assets.

Thomas Roccia, a senior threat researcher at Microsoft, described the current email campaign as a “very clean Ledger scam.” Roccia highlighted that the fraudulent link redirects users to a URL with no connection to Ledger, emphasizing the necessity of avoiding suspicious links.

Crypto Users Lose $46M to Phishing Scams in September

Phishing attacks continue to be a significant concern for cryptocurrency users, resulting in substantial financial losses. According to Scam Sniffer, a Web3 anti-scam platform, over 10,000 individuals lost more than $46 million to phishing scams in September alone. The platform reported that 10,805 victims incurred losses totaling $46.7 million due to various crypto phishing attacks last month.

Recently, cybersecurity scammers have begun using automated email replies to infiltrate systems and deliver stealthy cryptocurrency mining malware. This development follows another malware threat identified in August.

The “Cthulhu Stealer,” which impacts MacOS systems, disguises itself as legitimate software while targeting personal information such as MetaMask passwords, IP addresses, and private keys from cold wallets.

In a separate incident, a fraudulent crypto wallet application on Google Play managed to steal $70,000 from users in a sophisticated scam, described as a world-first for exclusively targeting mobile users. The malicious app, named WalletConnect, imitated the reputable WalletConnect protocol but was actually a sophisticated scheme to empty crypto wallets.

The post Scam Emails Target Ledger Users with Fake ‘Ledger Clear Signing’ Feature appeared first on Cryptonews.

Share this article
0
Share
Shareable URL
Prev Post

Hong Kong Police Bust $46M Asia-Wide Deepfake Crypto Romance Scam

Read next