Scammers Target Ledger Users with Phishing Letters Asking for Recovery Phrases

April 30, 2025 – Scammers are using a new tactic to target Ledger hardware wallet users, mailing physical letters that appear to be from the company. The letters are asking recipients to provide their private recovery phrases under the guise of a “critical security update”, in an attempt to steal funds from their wallets.

Scam Letter Posing as Ledger

The scam was first exposed by tech commentator Jacob Canfield, who shared a letter he received in an April 29 X post. The letter, which appears to be from Ledger, uses the company’s logo, business address, and a reference number to appear legitimate. The message asks users to perform a security update on their device by scanning a QR code and entering their private recovery phrase.

The letter claims that completing the process is “mandatory” and threatens that failure to comply could result in restricted access to the wallet and its funds.

How the Scam Works

A recovery phrase (or seed phrase) is a series of up to 24 words that grants access to a crypto wallet. If scammers obtain this phrase, they can take control of the associated wallet and transfer its funds to their own accounts.

The scammers behind this attack are exploiting the trust Ledger users place in the company, crafting a message that seems urgent and official, in order to trick people into sharing their sensitive data.

Wider Reports of Similar Scams

Following Canfield’s post, a crypto hardware wallet reseller on X reported receiving similar complaints from Ledger users who had also received suspicious letters asking for recovery phrases. This indicates that the scam is affecting a wide range of Ledger’s customer base, not just individual users.

Ledger Responds to Scam Alert

In response to the growing concerns, Ledger has issued a statement confirming that the letter is a fraudulent scam. The company urged users to be cautious of phishing attempts and reminded them that Ledger will never ask for a recovery phrase or any sensitive information via physical mail or unsolicited communication.

Users are advised to stay vigilant and verify any requests for personal or financial information through official Ledger channels.

This latest phishing scheme highlights the ongoing need for crypto wallet users to remain cautious about unsolicited communication, particularly when it involves requests for sensitive information like private recovery phrases.