Users of Ledger are being continuously targeted by social media phishing attacks, search engines, and via email. Attackers perfectly crafted a facsimile website, content to scam users of the ledger by entering into their 24-word recovery phrase, and this scam netted more than 1,150,000 XRP from its victims.
Ledger supports urges its users to be curious as much as possible and also urged not to provide your recovery phrase OR to send crypto assets, it’s a malicious attack.
This scam was made possible by phishing emails and those redirected their users to a fake version of the Ledger website that substituted a homoglyph in the URL. On this perfectly crafted facsimile site, the visitors were fooled by downloading malware posing as a security update which drained all their balance from their official ledger wallet.
A tweet post-scam explained that the stolen XRP was sent in a total of five payments to the cryptocurrency exchange Bittrex, which made it unable to catch the funds in time to intervene.
Regrettably, the phishing attacks are just not limited to fake emails. Earlier Ledger support reported on a fake Ledger Chrome extension and that extension could have successfully siphoned of proximately $2.5 million worth of digital currencies.
A company spokesperson stated that “The investigation is ongoing and at this time we cannot give any additional information but one thing is for certain: Ledger will never ask you for your 24-word recovery phrase, which is a blatant sign of a phishing scam,” and Ledger is also conscious about all the fuss and fraudulent exercises that are targeting its users, but the company is not clear how it can prevent these frauds other than creating awareness to its beloved customers.
From fake YouTube live streams to recovery applications these phishing attackers are successfully unveiling brand new tricks every other day and if you have any doubts or if you believe that you are being targeted by a phishing attempt, please contact your hardware or software wallet company immediately.
