Register users targeted by malicious ‘clear signature’ phishing email.
New scam emails are targeting Ledger users, trying to steal their cryptocurrency holdings.
The scam emails are intended to convince users to enable a security feature called “Ledger Clear Signing” by October 31 to continue using their ledger devices.
The emails – sent from addresses not linked to Ledger – lead users to a malicious link to activate a fake security feature. The phishing email reads:
“To continue using your Ledger device securely, enabling ClearSignature is mandatory from November 1, 2024. This feature is essential to protect your assets from phishing attacks and fraudulent activities.”
Scam email impersonating Ledger. Source: Cointelegraph
Phishing scams trick users into voluntarily sharing their account details with scammers. Crypto users should avoid clicking on suspicious links or providing any personal information to unknown sources.
Related: UK, Colombia Linked Crypto Exchanges Track Record Good at TD Bank
Cointelegraph has reached out to Ledger for comment.
Phishing attacks are becoming increasingly common in the crypto space. In May, a trader lost $71 million worth of crypto in the biggest phishing attack of the year. The attacker made the merchant send 99% of their funds to the attacker's address.
Fraudsters continue to vie for Ledger users.
Ledger hardware wallets are among the most popular in the industry, making users prime targets for fraudsters.
However, the current wave of email is “very pure ledger fraud,” according to Microsoft's senior risk researcher Thomas Roccia.
In a follow-up post, Roccia said the scam link redirects users to a URL with no correspondence at all.
Scam email impersonating Ledger, urlscan.io. Source: Thomas Roccia
Phishing attacks are a growing concern in crypto.
Despite their unsophisticated nature, phishing attacks are a growing concern in crypto.
Phishing attacks stole nearly $46 million from 10,800 victims in September, according to onchain security firm Scam Sniffer. The largest loss was reported on September 28, when a phishing attack using a license phishing signature destroyed 12,083 spWETH worth $32.43 million.
Related: Sui's price rally sparks $400M insider allegations
Crypto phishing attacks rose more than 215 percent in August, with around 9,145 victims robbed of $66 million worth of digital assets.
Most of the stolen value in August was a major phishing attack worth $55 million.
In the year On August 20, one unlucky crypto holder signed a transaction that changed ownership of 55.47 million Dai (DAI) in the decentralized financial protocol maker.
$3 billion stolen in hacks – why are crypto crimes on the rise? Source: YouTube
Magazine: 10 Most Missed Crypto Theories Like ‘Peter Todd is Satoshi'
