Ledger owners lose 1.1 million XRP!!

[Smitty Werben Man Jensen]

XRP again and again, I always hear bad news for XRP, is there no good news about XRP?
I understand the feelings of the holders, if XRP doesn't follow the next altcoin season, then this is bad history for XRP,
come on! XRP must have a good news. if if 1.1 million XRP were sold, I couldn't imagine what would happen in the market.

[The Cryptovator]

The first mistake happened by the Ledger team since they failed to protect their user's database. But unfortunately, we can't do anything that already happened. Since Ledger admits their mistakes and published the story behind it, that means we are aware of the leak of the database from Ledger. So when you have been receiving spam mails (unwanted mails) means there is something suspicious. Asking security updates by mail is more suspicious when it questions about fund management. Even I don't update my Ledger Live from the software. Yesterday I updated my Ledger live from the official website of Ledger. Just install the new version so it will replace the old version automatically. I often did it for my all wallet software.

[Valak]

Ledger owners lose 1.1 million XRP to scam site.

After a major leak of email and personal information earlier this year, Ledger customers are experiencing a surge in phishing attempts.

Here is full details
https://cointelegraph.com/news/ledger-owners-lose-1-1-million-xrp-to-scam-site

To access to email / gmail is not an easy thing. It takes serious efforts to hack an email, because Google has made high security. But what we need to do is to take advantage of the strongest possible security system. GA, is a security key that can be difficult for hackers to penetrate. SMS notifications are also the best part of keeping your email safe.
If we use the email for any platform, use a different password for each platform.

Likewise with the hardware we use, if you have access to email. Try to use a different password.

[ostrogoto2012]

How is it possible today to lose so much money with a phishing site, you just have to be carefull and make sure you are on the right website!

[republicrypto]

Another proof that the main treat for your money is you. If person is stupid enough than he will lost money even on hardware wallet

Thats right,  and people must double check before they click any link from their email
 but how can ? This scam site know the email address from ledger users
Regards

[el kaka22]

Phishing is something we really have to consider when we are using these type of wallets. When I am using my own metamask I realize that there is a big possibility my metamask could be compromised and that is why I care about which website I go to. Think about going to wrong website for just a second and allowing them to connect to your metamask, all of your money could be gone in seconds.

Someone who can build a fake website that resembles another website plus adds in option to connect to metamask could very well build a bot or a system that could empty anyone's metamask automatically without intervention which means it would just minutes before your money is gone. We are so used to going to many places and connect with our metamask, so we may not even realize we are getting hacked. Same goes with ledger, I just gave examples from metamask because I use that one.

[casperBGD]

Phishing is something we really have to consider when we are using these type of wallets. When I am using my own metamask I realize that there is a big possibility my metamask could be compromised and that is why I care about which website I go to. Think about going to wrong website for just a second and allowing them to connect to your metamask, all of your money could be gone in seconds.

Someone who can build a fake website that resembles another website plus adds in option to connect to metamask could very well build a bot or a system that could empty anyone's metamask automatically without intervention which means it would just minutes before your money is gone. We are so used to going to many places and connect with our metamask, so we may not even realize we are getting hacked. Same goes with ledger, I just gave examples from metamask because I use that one.

yeah, but connect with Metamask should not allow website to clear your funds, just to see it, you need to confirm that you want to send your funds to that site, and for that, they need either your consent, or to hack your computer, i am pretty sure that by just connecting wallet to see the website, website cannot drain your wallet, since Metamask interrupts all transactions, and ask for permission

could you explain a little bit better your thoughts

[Mulann2]

The problem with a lot of people is they think hardware wallets are the ultimate security (and technologically they are) but it all boils down to user. You can put million dollar tech in a user's hands and it's worth zero if their online behaviors continue to be risky. You can put a free cheap tech (Wallet like Electrum) in a good user's hands and he uses it well with no issues.

Yeah, and it is a common recommendation in this forum, anytime someone ask for best and safest place to store their crypto assets, hardware wallet is often the number one recommendation but many people fail to understand that not everyone understand how to operate this hardware wallet and any mistake can probably lead to loss of funds, whichever way we chose to store our assets is okey as long as we are able to protect it properly.

[jossiel]

Ledger and concerned strangers on the web are tirelessly reminding everyone to be vigilant with the links that they click on their emails. Because phishing attempts are everywhere and Ledger is very much aware of it.

I always received an update from the official Ledger email with the name of Katie and on the website of Ledger.com, you'll see this message at the top.

Beware of phishing attacks, Ledger will never ask for the 24 words of your recovery seed. Never share them.

[Yaunfitda]

How is it possible today to lose so much money with a phishing site, you just have to be carefull and make sure you are on the right website!

It's because he didn't check everything before clicking that phishing site until it was too late when he lost a whopping $1 million already. That's why we really need to think twice before clicking any link specially crypto related in our email because we really don't know for sure if that is a phishing link or not. Reminders are good, but if you are a Ledger user and not taking notes or reading them, then one day you might fall for this attempt.

[Strongkored]

Should be hardware wallets are the safest places to store our crypto, but without right knowledge this can happen. This is a fatal error from the ledger because user data are leaking.
Never click on a link from an email, especially if it is a bit suspicious, it would be better to bookmarks websites related to our crypto assets and if you want to know about the update it is better to find from official website not from the email notification.

[Btra]

How it is possible to transfer your asset without your wallet permission granted from the hardware wallet like Ledger. Everybody knows that it works online whenever you want otherwise all your asset kept in offline mode like a cold store. For hacking of your wallet, it required your 12 passphrases. So, mere leakage of email can't compromise a hardware wallet.

[jademaxsuy]

Well, another lesson to learn. In the world of cryptocurrency where there is a full of treat one must be creative when storing crypto and should not believe anything that has been sent to your email or something. Usually it is a trap and that one should avoid in getting to it. I suggest that whenever you wanted to invest in cryptocurrency is to make it offline and never let someone access it through the internet. Meaning to say that you should remain to store your crypto offline. The rest is that you need to be careful not to get affected by scam attempt using email with their trap being set up for you.

[Yogee]

How it is possible to transfer your asset without your wallet permission granted from the hardware wallet like Ledger. Everybody knows that it works online whenever you want otherwise all your asset kept in offline mode like a cold store. For hacking of your wallet, it required your 12 passphrases. So, mere leakage of email can't compromise a hardware wallet.

It's not a mere leaking of email addresses. The users were phished from an email sent to them by the hacker. The owners who got the email downloaded a malware from a fake Ledger site. This malware got access to the wallet's seed phrases. Clear enough? You would have known all of that if you only read the article.

[Adreman23]

 I dont understand why other people are not careful despite of they have big amount of money on thier wallet. For example  if we have million of xrp on our ledger wallet it is our responsiblities to become meticulous by checking 10 times or even 20 times every letters of website before clicking and visiting them, if you'll spot a substituted a homoglyph in the URL dont click and delete it immediately because 100 percent it is a phising site.

[Yogee]

......
It's not ledger fault it's the owner's ignorance of trusting phishing site and phishing emails , scammers and hunters will not stop sending phishing emails and you as an owner of ledger wallet or any wallet it's your responsible to detect if the incoming emails are phishing attempts, if hackers are good you should be good at protecting your wallets too.

Absolving Ledger here is not the right way to go. Hackers got those emails from Ledger's data base in the first place. Those are probably personal and private accounts which they entrusted it to the wallet provider. They are still liable in part and those customers can sue them for damages in not protecting their data.

[masterrex]

That was a very unfortunate incident thats why we should double-check any link first before we are going to accept it. so that we can minimize the risk of being victimized by phishing attacks. But why the Ledger wallet? I thought it was safe to use, By the way, in my opinion, It's not the Ledger wallet fault. because according to the article, It was a very organized phishing link that when the first time you look at it, you won't suspect because it looks the same as the Ledger site. dont know what exactly happen so I cant conclude any at the moment, All I can say is be vigilant as always because fraudster and thieves are always lurking around and waiting for the right time to attack.

[MishaSER]

That was a very unfortunate incident thats why we should double-check any link first before we are going to accept it. so that we can minimize the risk of being victimized by phishing attacks. But why the Ledger wallet? I thought it was safe to use, By the way, in my opinion, It's not the Ledger wallet fault. because according to the article, It was a very organized phishing link that when the first time you look at it, you won't suspect because it looks the same as the Ledger site. dont know what exactly happen so I cant conclude any at the moment, All I can say is be vigilant as always because fraudster and thieves are always lurking around and waiting for the right time to attack.

Yes, you are right, but there will always be people who are just getting to know crypto, probably everyone has gone through it. For example, they also stole cryptocurrency from me, although I check everything very carefully.

[Findingnemo]

Ledger owners lose 1.1 million XRP to scam site.

After a major leak of email and personal information earlier this year, Ledger customers are experiencing a surge in phishing attempts.

Here is full details
https://cointelegraph.com/news/ledger-owners-lose-1-1-million-xrp-to-scam-site

No matter how secured wallet you are using,still you are responsible to hold everything right and here the owner of the wallet lost his assets just because of phishing attack so who is going to store huge amount of cryptocurrencies have to learn more about it because security of your funds is more important than anything.

[error08]

There are more than 45 billion xrp in circulation and losing 1,1 million worth $287,500 maybe not worth significant compare to the circulating supply to affect the price.
Pishing site is one of the most common ways to hack, although it's easy to spot a substituted homoglyph, some people still fall for this trick, which means they are not paying attention to the URL. Yes, Ledger is part of this mistake but it's our duty to secure our asset and be careful of whatever may come to steal it.