|
Title: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: bullrun2024bro on October 25, 2020, 09:48:56 PM (Update: For Information on how to keep your crypto safe, see this article: Something’s Phishy – How to Keep Your Crypto Safe Against Scams (https://www.ledger.com/academy/somethings-phishy-how-to-keep-your-crypto-safe-against-scams)) What happened: Phishing E-Mails by a fake Ledger Website. Scammers are sending out phishing E-Mails to steal your funds from your Ledger device. Make sure not to download anything. Don't follow the instructions in the E-Mail. Don't set a new password. Don't enter your seed/private key! Stay safe and please see the information below. Sender of the E-Mail: info@ledgersupport.io <- SCAM! Quote from: https://www.whois.net/ Domain Name: LEDGERSUPPORT.IO Registry Domain ID: D503300001188157325-LRMS Registrar WHOIS Server: whois.namecheap.com Registrar URL: www.namecheap.com Updated Date: 2020-10-25T08:37:42Z Creation Date: 2020-10-24T13:48:32Z Registry Expiry Date: 2021-10-24T13:48:32Z Registrar Registration Expiration Date: Additional Notes: Please see this Reddit-Thread (https://www.reddit.com/r/ethfinance/comments/jhqhc0/phishing_alert_to_all_ledger_customer/) for additional information. Quote from: https://www.reddit.com/r/ethfinance/comments/jhqhc0/phishing_alert_to_all_ledger_customer/ Dear XXX, We regret to inform you that Ledger has experienced a security breach affecting approximately 85,000 of our customers and that the wallet associated with your e-mail address („E-MAIL-ADDRESS“) is within those affected by the breach. Namely, on Saturday, October 24th 2020, our forensics team has found several of the Ledger Live administrative servers to be infected with malware. At this moment, it's technically impossible to conclusively assess the severity and the scope of the data breach. Due to these circumstances, we must assume that your cryptocurrency assets are at risk of being stolen. If you're receiving this e-mail, it's because you've been affected by the breach. In order to protect your assets, please download the latest version of Ledger Live and follow the instructions to set up a new PIN for your wallet. Sincerely, Ledger https://i.imgur.com/0x0vABn.png Source: https://www.reddit.com/r/ethfinance/comments/jhqhc0/phishing_alert_to_all_ledger_customer/ Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: cryptoaddictchie on October 26, 2020, 07:35:41 AM Damn Im sure once the download button has been initiated some sort of virus or keylog is planted that will steal our funds. Thanks for sharing mate this warning. There are lots of users with ledger that probably should seen this to avoid loss of funds.
Is there a way to track the culprit even with IPs or anu location from their email used? Im sure its a fake changeable emailed similarly with ledger so we could report it. Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: sdjmlsdjgqkjgqmljg on October 26, 2020, 08:13:26 AM More disturbing is that Ledger is untill now not informing customers about this. They (or a worker of them) must be involved in the scam.
And what about the customers home adress? Has this also been stolen? >:( Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: Furious 7 on October 26, 2020, 08:17:56 AM Warning - Ledger phishing emails! (https://bitcointalk.org/index.php?topic=5284388.0) by notblox1 (https://bitcointalk.org/index.php?action=profile;u=2015418)
I also saw this thread made notblox1 on the "Beginners & Help" board very terrible also now the scamer has been able to change the email almost the same whatever it must be a trick for them, well here we will only always be aware of the notification from the email will we must download from what has been given the link. Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: bullrun2024bro on October 26, 2020, 09:20:00 AM More disturbing is that Ledger is untill now not informing customers about this. They (or a worker of them) must be involved in the scam. Don't spread FUD here please. It is way more likely that the E-Mail-addresses were stolen in the recent Ledger data breach. See here: Addressing the July 2020 e-commerce and marketing data breach — A Message From Ledger’s Leadership (https://www.ledger.com/addressing-the-july-2020-e-commerce-and-marketing-data-breach) And what about the customers home adress? Has this also been stolen? >:( It looks like the following data was stolen in the Ledger data breach in July 2020: A week after patching the breach, we discovered It had been further exploited on the 25th of June 2020, by an unauthorized third party who accessed our e-commerce and marketing database – used to send order confirmations and promotional emails – consisting mostly of email addresses, but with a subset including also contact and order details such as first and last name, postal address, email address and phone number. Your payment information and crypto funds are safe. Is there a way to track the culprit even with IPs or anu location from their email used? Im sure its a fake changeable emailed similarly with ledger so we could report it. Ledger already gave a statement on Reddit, in which they announced that they contacted the hosting providers to shut down the domains: https://i.imgur.com/OdFU9pY.png Source: https://www.reddit.com/r/ledgerwallet/comments/jhrp95/is_this_mail_from_ledger_o_is_this_fishing/ Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: sdjmlsdjgqkjgqmljg on October 26, 2020, 01:41:20 PM It looks like the following data was stolen in the Ledger data breach in July 2020: A week after patching the breach, we discovered It had been further exploited on the 25th of June 2020, by an unauthorized third party who accessed our e-commerce and marketing database – used to send order confirmations and promotional emails – consisting mostly of email addresses, but with a subset including also contact and order details such as first and last name, postal address, email address and phone number. Your payment information and crypto funds are safe. Is that right? Someone knows by now that one probably has a ledger wallet in his house? How can they make the statement that the funds are safe??? Sooner or later, someone will come in your house and will start cuttings some fingers. :( Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: NeuroticFish on October 26, 2020, 01:49:26 PM Is that right? Someone knows by now that one probably has a ledger wallet in his house? How can they make the statement that the funds are safe??? Sooner or later, someone will come in your house and will start cuttings some fingers. :( Not all Bitcoiners are rich. One can keep on Ledger 100$, 1000$ or millions; you don't know that. Or it may even be empty. And Ledger has quite a big number of customers. Would they go after so many people to "cut some fingers" until they find the actually rich ones? Not feasible... Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: TalkStar on October 26, 2020, 01:50:24 PM Ledger already gave a statement on Reddit, in which they announced that they contacted the hosting providers to shut down the domains: Professional and quick response from their end and it was necessary. In this type of case scammers purchase email list from dishonest platform owners and start to send the common email to all. They know only few amount of people among them are ledger user and the file which can contain malware is made for them. Even it can be harmful for another users device who are not ledger user but use another crypto wallets. https://i.imgur.com/OdFU9pY.png Source: https://www.reddit.com/r/ledgerwallet/comments/jhrp95/is_this_mail_from_ledger_o_is_this_fishing/ Thanks for bringing this matter above our eyes and i wish our community users who have ledger will not put their foot on this fake wallet update. Please don't forget to check the real website first for getting information about wallet update. Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: btc_angela on October 27, 2020, 01:30:34 AM Saw this news 2 days ago and many redditors quickly spread the message across and even Ledger in their twitter has blasted this so I'm not expecting that some ledger users will fall for this trap. I don't know how the hackers were able to get the emails from the data breach, but it looks like they are colluding with each other to scam crypto users, not gonna happen if we work collectively like reporting it and made everyone aware.
Title: Re: [PHISHING][SCAM] Fake Ledger E-Mails (24.10.2020) Post by: bullrun2024bro on October 31, 2020, 10:41:30 AM Since there are ongoing phishing attempts via email, Ledger has published the following security guidelines on Twitter:
https://i.imgur.com/res2obL.jpg Source: https://twitter.com/Ledger/status/1321769913439145991 Ledger Article: Something’s Phishy – How to Keep Your Crypto Safe Against Scams (https://www.ledger.com/academy/somethings-phishy-how-to-keep-your-crypto-safe-against-scams) Beware guys! Don't fall for these filthy E-Mail scammers! |
