Bitcoin Forum
December 07, 2021, 06:52:52 AM *
News: Latest Bitcoin Core release: 22.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 6 7 8 9 »  All
  Print  
Author Topic: New Ledger phishing mail targets individual users  (Read 1714 times)
HCP
Legendary
*
Offline Offline

Activity: 1890
Merit: 4063

<insert witty quote here>


View Profile
December 08, 2020, 09:34:35 PM
 #61

If you read the reddit threads, the Ledger staff claim that in every single case where someone has provided the appropriate details to them (ie. email address or phone number that received the phishing message), they have been able to identify that the data was already provided to them prior to the initial hack (ie. the person had already signed up for a newsletter or purchased a device using those details in the past).

It really is a "he said/she said" type situation... users claiming they received nothing until they purchased a black friday deal, then they magically start receiving messages... Ledger claiming there is no "ongoing" or "new" leak.

Having said that... I haven't purchased anything from them in over 3 years. Never received any messages/texts after the initial hack back in July/August etc... until I received the latest "We are sorry to tell you that due to the new KYC regulations, your hardware device has been deactivated." message 2 days ago. It wasn't even personally addressed, it just said: "Dear <my.email @address.com>"... so I'm not even sure if it was from the Ledger leak, or is just a semi-targeted campaign using details from one of the many crypto service hacks Undecided


Personally, I think the users saying "I got this message after buying on Black Friday" is just a timing coincidence... but that still doesn't change the fact that Ledger fucked up originally and haven't done a great job of handling it. Undecided

1638859972
Hero Member
*
Offline Offline

Posts: 1638859972

View Profile Personal Message (Offline)

Ignore
1638859972
Reply with quote  #2

1638859972
Report to moderator
1638859972
Hero Member
*
Offline Offline

Posts: 1638859972

View Profile Personal Message (Offline)

Ignore
1638859972
Reply with quote  #2

1638859972
Report to moderator
1638859972
Hero Member
*
Offline Offline

Posts: 1638859972

View Profile Personal Message (Offline)

Ignore
1638859972
Reply with quote  #2

1638859972
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1638859972
Hero Member
*
Offline Offline

Posts: 1638859972

View Profile Personal Message (Offline)

Ignore
1638859972
Reply with quote  #2

1638859972
Report to moderator
1638859972
Hero Member
*
Offline Offline

Posts: 1638859972

View Profile Personal Message (Offline)

Ignore
1638859972
Reply with quote  #2

1638859972
Report to moderator
1638859972
Hero Member
*
Offline Offline

Posts: 1638859972

View Profile Personal Message (Offline)

Ignore
1638859972
Reply with quote  #2

1638859972
Report to moderator
Coin-Keeper
Hero Member
*****
Offline Offline

Activity: 743
Merit: 582



View Profile
December 08, 2020, 10:26:32 PM
 #62

I was the proud receiver of this last round of emails too.  Thankfully its a throw away email on tutanota.

BTC: 1PYSBbuKM3kW19xe9TXJQfq64rPhd8XorF
Staked and Verified: https://bitcointalk.org/index.php?topic=996318.msg17102755#msg17102755
Lucius
Legendary
*
Offline Offline

Activity: 2352
Merit: 2940


Feed one child - change the world🎗


View Profile WWW
December 09, 2020, 09:43:47 AM
 #63

Never received any messages/texts after the initial hack back in July/August etc... until I received the latest "We are sorry to tell you that due to the new KYC regulations, your hardware device has been deactivated." message 2 days ago.

I also received the first such message in an email a few days ago, but it was in a spam folder. The message itself is really a real joke, of course only for those who know that HW cannot be deactivated in the way someone is trying to present it.

Personally, I think the users saying "I got this message after buying on Black Friday" is just a timing coincidence... but that still doesn't change the fact that Ledger fucked up originally and haven't done a great job of handling it. Undecided

There is no doubt that a company like this should not have allowed itself something like this, but when the hacking of the database happened, what could have been done better than what Ledger is currently doing? What exactly would you do if you were in such a situation?

Pmalek
Legendary
*
Offline Offline

Activity: 1876
Merit: 3157


Powerful promotion strategy https://bit.ly/3cRVjFi


View Profile
December 09, 2020, 10:48:33 AM
 #64

I really can't imagine that their server are still compromised, that would require some exceptionally bad incident response. Guess that's not impossible tho..
I don't think there are either. However, dkbit98 did share that reddit post where a user claims that he received a phishing email after purchasing one of their devices. But if the reddit user hasn't posted any proof to support his claims, the chance that he is lying and trying to take a swing at Ledger while they are down is equally possible.

I received the latest "We are sorry to tell you that due to the new KYC regulations, your hardware device has been deactivated." message 2 days ago. It wasn't even personally addressed, it just said: "Dear <my.email @address.com>"... so I'm not even sure if it was from the Ledger leak, or is just a semi-targeted campaign using details from one of the many crypto service hacks Undecided
I don't think it is related to the original leak. I received that device deactivated email as well, twice, on an email address not even remotely connected to the email used to purchase my Ledger device. It went into spam both times. I guess the senders just have a huge database of email addresses they have gotten their hands on.   

jerry0
Full Member
***
Offline Offline

Activity: 1330
Merit: 152


View Profile
December 10, 2020, 04:15:56 AM
 #65

I received this email as well but it went to my spam folder.  So most users thus received this email then?


So what happens if you click on the link on the email?  Is it malware/virus/keylogger?


Or does it ask you for your seed? 
Lucius
Legendary
*
Offline Offline

Activity: 2352
Merit: 2940


Feed one child - change the world🎗


View Profile WWW
December 10, 2020, 10:30:40 AM
 #66

~snip~

It is mostly about trying to get someone to put their seed on a phishing site, but it is possible that this could infect your computer with a virus/malware. For you and most average users there is no point in clicking on a link, let’s leave that for those trying to locate hackers and prevent them from continuing with this dirty campaign.

bob123
Legendary
*
Offline Offline

Activity: 1610
Merit: 2428



View Profile WWW
December 10, 2020, 03:32:17 PM
 #67

I don't think there are either. However, dkbit98 did share that reddit post where a user claims that he received a phishing email after purchasing one of their devices.

Reddit users are... inexperienced to say at least.
Most of the people commenting there on crypto subs literally have not a single clue. These are the people who fall for phishing mails.

Just because some people on reddit claim something, this doesn't make it true. In fact, you should always assume that those people made the mistake themselves.



I guess there's always the possibility of something being overlooked (the baddies are always so ingenious), for example: man-in-the-middle attack or even some sort of 'inside job'. As in the recent twitter case.
They may not even know they are leaking data. Purely speculation on my part, of course...

A MITM is not related to that and wouldn't have any influence.

Whether it is an inside job or not, you do know when you are leaking data.
It's not something which "just happens" without being noticeable. There is enough evidence and there are definitely enough traces to see that data has been leaked and how it has been leaked.

ETFbitcoin
Legendary
*
Offline Offline

Activity: 2072
Merit: 3389


NotYourKeys.org - Not Your Keys, Not Your Bitcoin


View Profile
December 11, 2020, 11:20:29 AM
 #68

I just checked to throwaway email account and found out i also received few similar spam email. Additionally, i also receive few classic send X coin and you'll earn 2X spam, while the throwaway email never got any spam before Ledger server hacked.

I received this email as well but it went to my spam folder.  So most users thus received this email then?


So what happens if you click on the link on the email?  Is it malware/virus/keylogger?


Or does it ask you for your seed? 

Aside from what @Lucius said, it's possible they use unique link for each receiver, which mean they'll know that you open the email and open the link. They also could log your IP and browser fingerprint.

btcwish1
Full Member
***
Offline Offline

Activity: 395
Merit: 108


View Profile
December 12, 2020, 05:35:00 PM
 #69

Another phishing email today. It is just not stopping. I am worried about one thing. I didn't receive email about 'ledger live' before and I never used ledger live either.

But recently I installed ledger live and used ledger live.  Now I am getting phishing email about ledger live!!



HCP
Legendary
*
Offline Offline

Activity: 1890
Merit: 4063

<insert witty quote here>


View Profile
December 12, 2020, 07:14:04 PM
 #70

Another phishing email today. It is just not stopping. I am worried about one thing. I didn't receive email about 'ledger live' before and I never used ledger live either.

But recently I installed ledger live and used ledger live.  Now I am getting phishing email about ledger live!!
It's most likely just a coincidence... a lot of people are receiving this "new" email.

Refer:
https://www.reddit.com/r/ledgerwallet/comments/kbtyix/data_breach_email/
https://www.reddit.com/r/ledgerwallet/comments/kbt4fv/so_wheres_the_attack_vector_in_this_email_theres/
https://www.reddit.com/r/ledgerwallet/comments/kbtpmq/ledger_data_breach/

And have a read of this: https://www.bleepingcomputer.com/news/security/fake-data-breach-alerts-used-to-steal-ledger-cryptocurrency-wallets/

aesma
Hero Member
*****
Offline Offline

Activity: 1624
Merit: 674


fly or die


View Profile
December 12, 2020, 11:54:42 PM
 #71

btcwish1 : I've been using Ledger live for years and I just got the email too, for the first time. I must say it's well done, but not enough to convince me to change my PIN or whatever, I understand how the security of the Ledger works, and I also know there is no association between my email and my wallet.

It will definitely work on some people, I fear.

edit : and I didn't buy a Ledger since that one time years ago.
Pmalek
Legendary
*
Offline Offline

Activity: 1876
Merit: 3157


Powerful promotion strategy https://bit.ly/3cRVjFi


View Profile
December 14, 2020, 02:16:59 PM
 #72

It has been 9 days since I created a brand new email address, registered for the Ledger newsletter, signed up to their Affiliate program, and entered my email address in their shopping cart as part of an uncompleted purchase. I have not received a single phishing email to the brand new account. If the data was still being leaked, I think someone would have tried something by now and I would have received a phishing email.

@dkbit98
What about you? Have you received any bogus emails?

@btcwish1
My friend, who my Ledger device was shipped to, received phishing mails, and I received some on email accounts that are not connected to Ledger at all. Who knows how these people operate and what kind of databases they have gotten their hands on. 

dkbit98
Legendary
*
Offline Offline

Activity: 1344
Merit: 2849


Powerful promotion strategy https://bit.ly/3cRVjFi


View Profile WWW
December 14, 2020, 03:03:35 PM
 #73

What about you? Have you received any bogus emails?

Nothing received yet on new email I created, but it is interesting that I didn't receive any legit email from Ledger also, even if I am subscribed to their newsletter, so maybe they shut it down totally I don't know  Cheesy

I do keep getting daily scam messages on my old email address, some of them go directly to spam folder, but they always create new address that shows up in my inbox.
I reported recently in scam accusations that this scammers are from Ukraine/Russia region.

suchmoon
Legendary
*
Offline Offline

Activity: 2884
Merit: 6873


https://bpip.org


View Profile WWW
December 14, 2020, 03:18:36 PM
Merited by Pmalek (1)
 #74

My friend, who my Ledger device was shipped to, received phishing mails, and I received some on email accounts that are not connected to Ledger at all. Who knows how these people operate and what kind of databases they have gotten their hands on. 

"they" might have cross-referenced the Ledger list with some other lists to farm more related contact info, or sold the list to someone else who did it. I went through my spam folder and found at least one Ledger phishing e-mail received at an address that I never gave to Ledger but it still refers to me by name. It is possible that some other unrelated leak somewhere contained my name and e-mail too but that's a hell of a coincidence that it got a Ledger-themed e-mail and not the usual genitalia enlargement promotions.

Given that every fucking scammer knows "here is an address of a person who might have a decent amount of crypto because they bought a hardware wallet" it's just a matter of time before they start targeting family members.

LTU_btc
Legendary
*
Offline Offline

Activity: 2170
Merit: 1062



View Profile WWW
December 14, 2020, 08:14:59 PM
 #75

Nothing received yet on new email I created, but it is interesting that I didn't receive any legit email from Ledger also, even if I am subscribed to their newsletter, so maybe they shut it down totally I don't know  Cheesy
Nope, I'm still getting legit emails from Ledger. I got it on 7th, 12th December and another one just 10 minutes ago. So, it's a bit strange that you haven't got anything.
Also, recently I haven't got phishing Ledger emails, just some Blockchain.con and PayPal scams. But probably it's only matter of time.




▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄                  ▄▄▄   ▄▄▄▄▄        ▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄
 ▀████████████████▄  ████                 █████   ▀████▄    ▄████▀  ▄██████████████   ████████████▀  ▄█████████████▀  ▄█████████████▄
              ▀████  ████               ▄███▀███▄   ▀████▄▄████▀               ████   ████                ████                   ▀████
   ▄▄▄▄▄▄▄▄▄▄▄█████  ████              ████   ████    ▀██████▀      ██████████████▄   ████████████▀       ████       ▄▄▄▄▄▄▄▄▄▄▄▄████▀
   ██████████████▀   ████            ▄███▀     ▀███▄    ████        ████        ████  ████                ████       ██████████████▀
   ████              ████████████▀  ████   ██████████   ████        ████████████████  █████████████▀      ████       ████      ▀████▄
   ▀▀▀▀              ▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀  ▀▀▀▀        ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀        ▀▀▀▀       ▀▀▀▀        ▀▀▀▀▀

#1 CRYPTO CASINO & SPORTSBOOK
▄▄▀▀▀▀▀▀▀▀▀▄▄
▄█▀▄▄▀▀█▀▀▀█▀▀▄▄▀█▄
▄█▀▄▀▀█ ▄█▄▄▄█▄ █▀▀▄▀█▄
▄▀▄██▄▄▀▀▄▄ ▀▄▄▀▀▄▄██▄▀▄
▄█ ████ ███▌▐███ ████ █▄
█ ████ ████ ███ ████ ████ █
█ ████ ███ ▄▄▄▄▄ ███ ████ █
█ ████ █▀▄█▀▀▀▀▀█▄▀█ ████ █
▀█ ████ ██ ▄▀▀▀▄ ██ ████ █▀
▀▄▀██▀█▄▄ ▀▀▀▀▀ ▄▄█▀██▀▄▀
▀█▄▀█▄▄▀▀█████▀▀▄▄█▀▄█▀
▀█▄▀▀██▄▄▄▄▄██▀▀▄█▀
▀▀▄▄▄▄▄▄▄▄▄▀▀
OFFICIAL
BETTING
PARTNER
.INSTANT & FAST..
.TRANSACTION.....
.PROVABLY FAIR..
......& SECURE......
.24/7 CUSTOMER.
.............SUPPORT.
BTC      |      ETH      |      LTC      |      XRP      |      XMR      |      BNB      |     more
Pmalek
Legendary
*
Offline Offline

Activity: 1876
Merit: 3157


Powerful promotion strategy https://bit.ly/3cRVjFi


View Profile
December 15, 2020, 08:42:54 AM
 #76

Nothing received yet on new email I created, but it is interesting that I didn't receive any legit email from Ledger also, even if I am subscribed to their newsletter, so maybe they shut it down totally I don't know
They are still sending out those newsletters. I got my first one the day after I created my new email and registered for their newsletter. Maybe it is sent once a month or twice, and it just happened that I signed up the day before it was scheduled to be sent anyway.



...it's just a matter of time before they start targeting family members.
I would find that more troublesome than getting them myself.

ETFbitcoin
Legendary
*
Offline Offline

Activity: 2072
Merit: 3389


NotYourKeys.org - Not Your Keys, Not Your Bitcoin


View Profile
December 15, 2020, 11:47:30 AM
 #77

Given that every fucking scammer knows "here is an address of a person who might have a decent amount of crypto because they bought a hardware wallet" it's just a matter of time before they start targeting family members.

One only can hope their family member uses email provider with good spam filter and don't fall to such scam easily.

Nothing received yet on new email I created, but it is interesting that I didn't receive any legit email from Ledger also, even if I am subscribed to their newsletter, so maybe they shut it down totally I don't know
They are still sending out those newsletters. I got my first one the day after I created my new email and registered for their newsletter. Maybe it is sent once a month or twice, and it just happened that I signed up the day before it was scheduled to be sent anyway.

On most email newsletter, you can choose what kind of newsletter you want to receive (e.g. tips, new update or just important news).
It's possible you either didn't opt-in or intentionally opt-out from specific newsletter, i don't know whether ledger newsletter is opt-in/opt-out by default though.

dkbit98
Legendary
*
Offline Offline

Activity: 1344
Merit: 2849


Powerful promotion strategy https://bit.ly/3cRVjFi


View Profile WWW
December 15, 2020, 11:56:48 AM
 #78

Again I see people who recently purchased Ledger getting this phishing emails and sms from scammers.
Here is latest example from guy who purchased ledger just two weeks ago:
Quote
I just bought the Ledger two weeks ago. Now I am receiving a bunch of phishing emails I never got before from senders posing to be from Ledger.
I know there was a database breach a long time ago, but I just bought the Ledger X. Is there an inside employee leaking these emails? How can my email have been compromised within two weeks?
https://www.reddit.com/r/ledgerwallet/comments/kd6kbs/i_just_bought_the_ledger_two_weeks_ago_now_i_am/

And there are numerous reports on Legder not properly addressing tax, so people need to pay double taxes when they receive their wallet package.
What a joke   Cheesy

Given that every fucking scammer knows "here is an address of a person who might have a decent amount of crypto because they bought a hardware wallet" it's just a matter of time before they start targeting family members.
Exactly, and they can sell all customer data to any local criminals and gangster if they want.

aesma
Hero Member
*****
Offline Offline

Activity: 1624
Merit: 674


fly or die


View Profile
December 16, 2020, 01:21:22 AM
 #79

When you buy from a foreign country, outside of a trading block, duties are always tricky. I buy tons on cheap stuff on aliexpress and clearly nobody pays the taxes, it's just a game with the customs officer, sometimes you're caught and you pay.

A ledger being small they might go through fine most of the time.
LTU_btc
Legendary
*
Offline Offline

Activity: 2170
Merit: 1062



View Profile WWW
December 16, 2020, 09:22:44 PM
 #80

When you buy from a foreign country, outside of a trading block, duties are always tricky. I buy tons on cheap stuff on aliexpress and clearly nobody pays the taxes, it's just a game with the customs officer, sometimes you're caught and you pay.

A ledger being small they might go through fine most of the time.
Can you tell how phishing emails and taxes for goods is related?
Anyway, I think it's correct to compare Aliexpress and Ledger. When you buy from Ledger store, VAT is already added into final price. It depends on every seller what price they show on goods declaration and also it depends on customs of each country.
By the way, at least in Europe it won't be that easy to buy goods from China without paying taxes. From 2021, we will have to pay VAT for all goods from China, there will be no more exceptions for stuff which costs less than €22. Sorry if it's slightly off-topic Cheesy.




▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄                  ▄▄▄   ▄▄▄▄▄        ▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄▄▄▄   ▄▄▄▄▄▄▄▄▄▄▄
 ▀████████████████▄  ████                 █████   ▀████▄    ▄████▀  ▄██████████████   ████████████▀  ▄█████████████▀  ▄█████████████▄
              ▀████  ████               ▄███▀███▄   ▀████▄▄████▀               ████   ████                ████                   ▀████
   ▄▄▄▄▄▄▄▄▄▄▄█████  ████              ████   ████    ▀██████▀      ██████████████▄   ████████████▀       ████       ▄▄▄▄▄▄▄▄▄▄▄▄████▀
   ██████████████▀   ████            ▄███▀     ▀███▄    ████        ████        ████  ████                ████       ██████████████▀
   ████              ████████████▀  ████   ██████████   ████        ████████████████  █████████████▀      ████       ████      ▀████▄
   ▀▀▀▀              ▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀  ▀▀▀▀        ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀   ▀▀▀▀▀▀▀▀▀▀▀▀        ▀▀▀▀       ▀▀▀▀        ▀▀▀▀▀

#1 CRYPTO CASINO & SPORTSBOOK
▄▄▀▀▀▀▀▀▀▀▀▄▄
▄█▀▄▄▀▀█▀▀▀█▀▀▄▄▀█▄
▄█▀▄▀▀█ ▄█▄▄▄█▄ █▀▀▄▀█▄
▄▀▄██▄▄▀▀▄▄ ▀▄▄▀▀▄▄██▄▀▄
▄█ ████ ███▌▐███ ████ █▄
█ ████ ████ ███ ████ ████ █
█ ████ ███ ▄▄▄▄▄ ███ ████ █
█ ████ █▀▄█▀▀▀▀▀█▄▀█ ████ █
▀█ ████ ██ ▄▀▀▀▄ ██ ████ █▀
▀▄▀██▀█▄▄ ▀▀▀▀▀ ▄▄█▀██▀▄▀
▀█▄▀█▄▄▀▀█████▀▀▄▄█▀▄█▀
▀█▄▀▀██▄▄▄▄▄██▀▀▄█▀
▀▀▄▄▄▄▄▄▄▄▄▀▀
OFFICIAL
BETTING
PARTNER
.INSTANT & FAST..
.TRANSACTION.....
.PROVABLY FAIR..
......& SECURE......
.24/7 CUSTOMER.
.............SUPPORT.
BTC      |      ETH      |      LTC      |      XRP      |      XMR      |      BNB      |     more
Pages: « 1 2 3 [4] 5 6 7 8 9 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!