#StopTheScammers
Phishing attempts are targeting Ledger customers.
Phishing attacks are unfortunately an all too common threat when using the internet. This page aims to make a list of some examples of phishing attacks we have received at Ledger targeting our customers. If you have any doubts about the authenticity of a communication from Ledger, you can refer to the list below highlighting some recent phishing campaigns.
Phishing websites shutdown since October 22nd: 527
Social networks : 172 = 39 Twitter, 43 telegram, 2 facebook, 2 youtube
Latest update: March 8th, 2022
Report a phishing attempt
Consult ongoing phishing campaigns
Never share the 24 words of your recovery phrase with anyone under any circ*mstances.
Even with Ledger or what you would think is coming from Ledger. Ledger willneverask for them. You should never enter your 24 words anywhere else than into your device.
Only use the official download page for Ledger Live.
The Ledger Nanois not a USB device. It does not contain any application to download and install on your computer.
The only way to download the Ledger Live app is by usingthe official download page here.
How to prevent being scammed from phishing?
Never validate a transaction on your Nano if you are not the author of this transaction.
Scammers will ask you to download a fake Ledger Live application that will trigger a transaction on your Nano. You must absolutely reject that transaction.
Ledger cannot and will not deactivate your device.
Some phishing attempts are pretending Ledger 'deactivate' or 'block' your device for KYC reasons. Ledger is not in a position to 'block' or 'deactivate' your device. Any request asking you to do this is bogus.
Always make sure that you interact through Ledger’s official channels
Be cautious, fake domain names are sometimes very close with a subtle spelling difference such as "legder", "leqder", "ledqer", "lèdger" or "ledgёr".
Please also be aware of what you may think is a ledger.com domain name but is in fact not!
See for example: ledger.com-a42-encryption-m6-email.rg37-s8-smtp (dot) cloud
Authentic Ledger domain names are:
@ledger.fr
@ledger.com
@ledgerwallet.com
@ledger.zendesk.com
Ledger will never contact you via text messages or phone call.
As soon as you receive a so-called Ledger communication via text message, WhatsApp, Telegram, phone call or postal letter, assume that It is a phishing attempt, report it as spam, and block the sender.
Ledger will only communicate via email and official social media channels :
twitter.com/ledger
twitter.com/ledger_support
facebook.com/ledger
instagram.com/ledger
Ongoing phishing campaigns
Latest update: June 17th, 2021
March 1st, 2022
The scammer is pretending to be working in a law firm in contact with Ledger. They are claiming that We have noticed someone tried to log in on your Ledger account from a location you have never used before. So we have blocked your account and wallet. and asking you to click on a link for a 2FA verification.
The link provided by the scammers is not legitimate.
Language : Dutch
June 8th, 2021
Ledger do not have telegram channel and do not use the former logo anymore. Scammers will attempt to get your 24-words contacting you over private messages and inviting you to visit a phishing website
June 17th, 2021
The fake device comes in authentic-looking packaging with the Ledger logo.
The package includes a fake letter and a tampered Ledger hardware wallet. It is shrink-wrapped as if the box has never been opened.
The fake letter explains that you need to replace your existing hardware wallet to secure your funds.
This is a scam. The Ledger Nano is fake. A flash drive implant has been connected to the printed circuit board. It contains a file with a fake Ledger Live app.
There are enclosed instructions in the Nano box which ask the user to connect the device to their computer, open a drive and run the fake Ledger Live app.
To initialize the device, the user is asked to enter his 24 words in the fake Ledger Live app.
This is a scam. A Ledger Nano is not a USB device. It does not contain any application to download and install on your computer. The only way to download the Ledger Live app is by using the official download page.
Plus, Ledger and Ledger Live will never ask you to share your 24-word recovery phrase.
May 10th, 2021
A fake letter claiming to be signed by the CEO of Ledger is sent to a Ledger user along with a faulty Ledger device in his box as if it were new.
In the fake letter, it is stated that you need to change your device to secure your funds. You are asked to initialize the device sent with the letter and to follow the user guide in the box.
This is a scam. The Ledger Nano is faulty and the user guide is a fake.
The fake user guide in the Nano's box asks the user to connect the device to a computer. To initialize the device, the user is then asked to enter his 24 words in a fake Ledger Live application.
This is a scam. Do not connect the device to your computer and never share your 24 words. Ledger will never ask you to share your 24-word recovery phrase.
March 22nd, 2021
One of our user got recently scammed on Amazon. The user bought a Ledger Nano S which had already been initialized by a malicious seller. The malicious seller sent a Nano already initialized to the user with a recovery sheet filled with the 24 words.
When a user receives its Ledger wallet, whether it is a Nano S or X, she/he must always initialize first it by following this process:
- Powering on the device
- Generating a pin code by himself/herself
- Generating the 24 words (seed phrase) by himself
IMPORTANT: no pin code or seed phrase should ever be given to the user by anybody else prior to the initializatio
February, 16th, 2021
In this phishing email, scammers ask you to update your device to secure your crypto.
This is a scam. Your funds are not at risk despite the data breach. Moreover, device updates should always be done directly in the Live Ledger application on your computer or phone.
February, 16th, 2021
In this phishing email, scammers ask you to directly update your 24 words giving access to your crypto.
This is a scam. Your funds are not at risk despite the data breach. Ledger will never ask you to share your 24-word recovery phrase.
February, 7th, 2021
In this phishing email, scammers ask you to update your device to secure your crypto.
This is a scam. Your funds are not at risk despite the data breach. Moreover, device updates should always be done directly in the Live Ledger application on your computer or phone.
January, 24th, 2021
Scammers ask you to click on a link to confirm that you are indeed the person who tried to connect to your device. This is a scam. Do not click on this link.
January, 14th, 2021
In this phishing email scammers are blackmailing: they are asking you to send some BTC in exchange for deleting your personal data.
January, 12th, 2021
The scammer is pretending to be working in a law firm in contact with Ledger. They are claiming that your data have been hacked and that Ledger has authorized them to send you a new Ledger device. In order to set up this new device, they are asking for your 24 words.
January, 2nd, 2021
This phishing email simulates a transaction that did not take place. Ledger will never contact you about your transactions.
This phishing email directs you to a fake website that mimicks Ledger Live and will ask for the 24 words of your recovery seed.
December 27th, 2020
This phishing email is asking you to install a security patch to fix vulnerabilities and keep your data secure. This redirect you to a website and ask you for your 24 words.
This email is not legit. Never share your 24 words.
December 24th, 2020
Scammers pretend to have collected personal information through a security breach such as compromising pictures, internet history or family contact information. They are asking you to pay in exchange for deleting these data.
This email is a scam. We do not have information such as files, pictures, internet history...
December 22nd, 2020
This phishing alert sends you to a fake website which asks you the 24 words of your recovery phrase.
December 22nd, 2020
Cette stratégie de hameçonnage consiste à menacer le client pour lui demander une rançon. Nous vous conseillons de ne pas répondre et de contacter la police locale pour porter plainte si vous vous sentez en danger.
December 22nd, 2020
This French text message claims that your funds are at risk, which is not true. It asks you to share the 24 words of your recovery phrase to solve security issues.
Your funds are not in danger, do not share your 24 words of your recovery phrase with anyone, Ledger will never ask you for them.
December 22nd, 2020
This phishing email uses Ledger's data theft as a pretext, to trick you into giving out the 24 words of your recovery phrase.
This is not a legit email, your funds are not at risk despite the data breach.
December 21st, 2020
Scammers pretend to know your address and demand a ransom to not invade your home.
As you can see these are 'generic' threatening emails playing on your fear to steal your crypto assets.
December 9th, 2020
This scam pretends that due to new KYC rules, Ledger was obliged to deactivate your hardware wallet. First of all, It’s not possible, Ledger is not able to deactivate your Nano.
The link invites you to enter your recovery phrase for KYC purposes. Private keys / recovery phrase are not part of any KYC procedures.
Ledger is not an Exchange, you don’t need a KYC (Know Your Customer) procedure to use your Ledger Nano or Ledger Live.
Only the “buy” features on Ledger Live needs a KYC procedure.
December 6th, 2020
The phishing attempt claims there is an outgoing transaction being made to empty your wallet to encourage you to click on the cancel button. This is fake, Ledger is not able to know what you are doing with your Nano.
Then you would be invited to enter your recovery phrase in a fake version of Ledger Live to cancel the non existing transaction.
The scammers play on your legitimate fear (someone would have access to your accounts) to encourage you to give the 24 words of your recovery phrase.
December 5th, 2020
This phishing attempt pretends your hardware wallet has been deactivated, which is not technically possible.
The link invites you to enter your recovery phrase for KYC purposes. Private keys / recovery phrase are not part of any KYC procedures. The link provided by the scammers is not legitimate.
Ledger is not an Exchange, you don’t need a KYC (Know Your Customer) procedure to use your Ledger Nano or Ledger Live.
Only the “buy” feature on Ledger Live needs a KYC procedure.
December 4th, 2020
This phishing scam pretends that a security breach affects you and your funds are at risk to encourage you to download a fake version of the Ledger Live app.
This fake version of Ledger Live will ask that you enter your recovery phrase in order to fix a security issue that does not exist. There is no security breach that requires you to download a new version of the Ledger Live app, nor will the app ever ask you for your 24 word recovery phrase.
Learn more about phishing campaigns
The Battleground Against Phishing Attempts
Read the article
Anatomy of a Phishing Attack
Read the article
How to keep your crypto safe against scams
Read the article
Want to help us or report a phishing campaign?
If you have any doubt about the authenticity of the communication you received or the domain name or the sending address you received the communication from, you can always contact our Customer Support.
If you think you have received a fake communication from a third party impersonating Ledger, you can report it here.
NB: This will be reviewed by our team and help us flag more phishing examples on this page. However please note that there won’t be an individualised response to emails sent to this address. If your query requires a response from Ledger, please contact our Customer Support.
If you have received a phishing attempt or if you are aware of an illegal website, please report it to Google Safebrowsing. The more we report these illegal websites to Google, the more difficult it will be for scammers to deceive our Ledger users.
