A phishing attack has been targeting customers of Ledger, which makes hardware cryptocurrency wallets, in the form of an email purporting to come from Ledger support. On Sunday, a Reddit user alerted the r/ethfinance group to the attack and to the existence of such scammers. The email tells recipients that the accounts they have at Ledger may very well be compromised. It states that Ledger's forensics team has found quite a few administrative servers of Ledger Live to be infected with malware. This is a phishing attack: while the email might look extremely professional, it is nothing but an attempt to steal data from users.
Ledger confirmed the news, saying that hackers had been targeting several users of its cryptocurrency wallets. According to the company, the email looks so similar to official mail from the company itself that even users who are aware of such scams get fooled by it. One Reddit user remarked that they too had been receiving the emails. The only mistakes the hackers had made were an inaccurate URL and the fact that they sent two emails consecutively. But most users agreed that the emails looked extremely convincing, and that it took extra effort to find the malware.
Roots of a phishing attack
Back in July, the Ledger team found out that an API key related to its marketing and e-commerce database had been exploited, giving an unauthorized third party access to the database. The details available in the database were then used to deliver promotional emails and order confirmations. The team did stress that users' crypto funds and payment information were completely safe and secure. CoinDesk also looked into the matter and reviewed one of the many phishing emails that were sent from ‘[email protected]’. The one clue that any investigator of cybercrimes would find is a misspelling in the URL: in this case, of the word "ledger".
What is the Company Doing about these Phishing Attacks?
Phishing attacks are quite common, and attackers are becoming more sophisticated over time: they are capable of creating emails that are basically a facsimile of the company's official correspondence. All they need to do is wait for someone unsuspecting to click on a link, which could seriously jeopardize that person's security. A company spokesperson spoke about how Ledger was trying to deal with this latest phishing attack.
The spokesperson said that the investigation was still under way and that, while they couldn't provide any extra information, one thing was sure: the company would never ask anyone for their recovery phrase. Asking for it is the basic technique of a phishing attack.
Ledger has encouraged all its customers to exercise caution, because the phishing attacks have been getting more and more sophisticated, and to inform the company's support team in the event of any suspicious activity.