As part of a new wave of cryptocurrency scams, owners of Ledger hardware wallets have reported receiving phony physical letters intended to fool them into disclosing their wallet seed phrases.
Tech expert Jacob Canfield shared a warning on X on April 29 after receiving a fraudulent letter at his house.
The message, which was disguised as official Ledger mail, told him to scan a QR code and input his 24-word recovery phrase in order to conduct a “critical security update.”
Ledger Scam Letter with Logo and Reference Number Looks Like Official Mail
To add legitimacy, the expertly crafted letter had Ledger’s logo, a return address, and a reference number.
In an attempt to incite action, it threatened to block access to the user’s funds if the “validation” was not completed.
In a direct response to Canfield’s tweet, Ledger acknowledged that the letter was a phishing effort and was false.
The business reaffirmed that “Ledger will never ask for your 24-word recovery phrase,” cautioning consumers against believing unsolicited messages or those posing as Ledger officials.
The most vulnerable part of a cryptocurrency wallet are seed phrases, which are typically 12 to 24 syllables long. A user’s assets can be completely taken over by anybody who has access to them.
Some members of the community believe the fraud is related to Ledger’s notorious 2020 data breach, in which over 270,000 customers’ names, emails, and residential addresses were exposed online.
Numerous phishing attempts followed that event, one of which involved mailing victims altered Ledger devices so they could install malware.
As evidence of how long the effects of data dumps may last in the crypto realm, the new postal scam seems to be another strategy aimed at those impacted by the hack.
Gemini Users Are the Target of a Phishing Scam
A number of cryptocurrency users reported sophisticated phishing scam emails in March that used phony emails that looked authentic to target Coinbase and Gemini users.
According to reports, the bulk email showed up in user inboxes on Saturday. According to the fake email, Coinbase is facing a class action lawsuit for allegedly engaging in unregistered securities. The court has ordered customers to transfer their money into self-custody wallets.
Additionally, the email emphasized that April 1st, 2025 is the deadline for moving user funds to a self-custodial wallet.
According to the blockchain security platform Immunefi, the crypto ecosystem suffered a staggering loss of $1,635,933,800 in 39 incidents during the first three months of 2025.
“Q1 2025 marks the worst quarter for hacks in the history of the crypto ecosystem,” the research asserted.
Only two hacks of two centralized exchanges were responsible for the majority of it. In January, Phemex lost $69.1 million, while in February, Bybit lost $1.46 billion.
Consequently, there were 4.7 times as many losses overall in the first quarter as there were in the first quarter of 2024. Fraudsters and hackers took $348,251,217 at that time.
