News Detail

Crypto-Theft Attacks on the Rise: Physical Letters Used to Scam Trezor and Ledger Users

Threat actors have been sending physical letters to users of Trezor and Ledger cryptocurrency hardware wallets, pretending to be from the companies themselves. The goal of these attacks is to trick users into submitting their recovery phrases, which can be used to gain access to their cryptocurrency funds.

The letters, designed to appear as legitimate communications from Trezor and Ledger, aim to create a sense of urgency or importance, prompting users to take immediate action. This could include instructions to verify their accounts, update their wallet software, or even to send their recovery phrases to the attackers.

How the Scam Works

• The attacker sends a physical letter to a Trezor or Ledger user, mimicking the branding and tone of the actual company.
• The letter contains a request for the user to perform a specific action, such as submitting their recovery phrase or downloading a fake software update.
• Once the user complies, the attacker uses the provided information to gain access to the user's cryptocurrency funds.

It's essential for users to be aware of these types of attacks and to always verify the authenticity of any communication, whether physical or digital, before taking any action.

Protecting Yourself from Crypto-Theft Attacks

• Never share your recovery phrase with anyone, as it can be used to access your cryptocurrency funds.
• Be cautious of unsolicited communications, whether via mail, email, or phone, that ask for sensitive information.
• Always verify the authenticity of any communication by contacting the company directly through official channels.

By being aware of these types of attacks and taking the necessary precautions, users can help protect themselves from falling victim to crypto-theft attacks.

Empowering the next generation of ethical defenders.