Ledger scammers are sending phishing SMSes to users that claims the Ledger devices have a vulnerability and redirect them to a fake websites like "Ledger (dot) Media" or "Ledger (dot) Report" that asks you to install a different firmware into your device, to steals the funds. This is a phishing attack. Once you end up on the fake ledger website, it asks you to install a fake version of Ledger Live app and asks you to enter your seed.Do not install any new firmware other than from the official Ledger Live app. Do not click on any links asking you to install firmwares or download Ledger live from unofficial sources.Example of Phishing SMS:Fake Ledger SMSIt seems the hackers have obtained customers emails and mobile numbers from the Ledger data breach, and are using that list to target customers with these fake messages. Using information obtained from the data breach at Ledger, the scammers are sending out targeted messages that include your real name, and your phone number as well. The message asks you to update the firmware with a malicious version.There is also another phishing scam that asks users to install a fake ledger Live version that asks for user's seeds on the fake website itself, and this also steals all your funds. As always, never enter your seed anywhere except on the Ledger device.Edit: Updated modus operandi. The fake ledger website asks you to install a different version of Ledger Live that asks for your seed phrase. Once you enter the seed phrase, your funds can be swept by the hacker. Never enter the seed phrase on any computer or non-ledger device.Edit: Link to Ledger's communication about Data Breach. This is where the scammers are getting your Personal Information including name, phone number & Email Address: https://ift.tt/30W0nkB
Submitted October 29, 2020 at 01:54PM
No comments:
Post a Comment