[Phishing Alert] Ledger wallet's phishing security update..

[ScamViruS]

I recently received an email titled Ledger Exploit Fixed: CVE-2025-3847. I read that email and thought for a while that it must be genuine. But when I receive such emails, I am a little more careful to verify whether it is genuine or not. So after examining this email in detail, I found that this is a dangerous move by scammers, a little carelessness can turn into a nightmare for a crypto user. This is not an official email, if you pay attention carefully, you will understand. So, those of you who receive these emails, never click on the link, as doing so can make you a victim of phishing.



Scammer's Email Address :

Code:

ledger@royalcanin.com

If you click on the link in the email, the website will first tell you that there is a new update available for your ledger, so connect your ledger for security reasons! And this is the final stage of scammers' attempts to scam a ledger user. So never connect your ledger to this fake website, it is a phishing website created by scammers to hack your wallet. Always be careful before connecting your ledger wallet to any site to see if that website is genuine or not.

Website Link :

Code:

https://dash-ledger.com/

Domain:
dash-ledger.com
Registered On:
2025-11-05
Expires On:
2026-11-05
Updated On:
2025-11-05
Status:
client delete prohibited
client transfer prohibited
Name Servers:
ignacio.ns.cloudflare.com
pola.ns.cloudflare.com

Virustotal Report : https://www.virustotal.com/gui/url/d48995e4130b6711b3d5162b13c7da9cc3500d738968f8add64c0b95aeea6951

[BitMaxz]

It seems that this email: @royalcanin.com is known scammer selling fake pet food.
How this scammer changed his target to crypto users: they mainly target pet owners to sell fake pet food.

This is how scammers can easily think of any ways just to find a victim, even if the site isn't related to crypto.

[Amphenomenon]

It seems that this email: @royalcanin.com is known scammer selling fake pet food.
How this scammer changed his target to crypto users: they mainly target pet owners to sell fake pet food.

This is how scammers can easily think of any ways just to find a victim, even if the site isn't related to crypto.

The world is innovative either in the good or bad way ironically, and scammers aren't an exception on this innovation. When a business is not really profitable or when someone a better business, they opt for it or do both and this is a similar scenario with this scammer.

While he/she switched targets they are still scammers and the fact that they are switching to the crypto space shows why we ourselves shouldn't slack off but rather be innovative and informative on the latest scams and how to prevent those around you and yourself for becoming victimized.

[julerz12]

I recently received an email titled Ledger Exploit Fixed: CVE-2025-3847. I read that email and thought for a while that it must be genuine. But when I receive such emails, I am a little more careful to verify whether it is genuine or not. So after examining this email in detail, I found that this is a dangerous move by scammers, a little carelessness can turn into a nightmare for a crypto user. This is not an official email, if you pay attention carefully, you will understand. So, those of you who receive these emails, never click on the link, as doing so can make you a victim of phishing.

Is your e-mail publicly known? If not, then either these hackers got it from a data leak (probably bought from some hacker from the dark web) or one of the sites you signed up for sold your info.
Quite weird you got that phishing e-mail, 'cause I didn't even though my e-mail is plastered everywhere (not that I wanted one), especially in this forum. 

[crwth]

I was supposed to post something similar to this topic, but fortunately, I saw the subject.

What I experienced is like this. I received an email titled "Security Patch: CVE-2025-4781" from a Verified Account named Ledger. It was pretty obvious it was a phishing email, but it could still fool someone.



With the checkmark like that and the way it looks, it really looks professionally made.



The "Open Ledger Live" button points to the URL below (I SS'd part of it, not the entire one). 



I don't want to click, nor anyone should. It should be something that be aware of.

[ScamViruS]

~~~

Is your e-mail publicly known? If not, then either these hackers got it from a data leak (probably bought from some hacker from the dark web) or one of the sites you signed up for sold your info.
Quite weird you got that phishing e-mail, 'cause I didn't even though my e-mail is plastered everywhere (not that I wanted one), especially in this forum.  

I once used this email in a Ledger campaign, and the scammers are sending Ledger phishing links in that email. So it's clear that this is a targeted attack by scammers whose database was with Ledger.

Our contact information has been leaked to scammers because hackers were able to steal our information from Ledger's database. So the emails of those who participated in any of Ledger's campaigns are still available to scammers. So they are targeting ledger users using that database, because they have contact information of ledger wallet users and participants in any of the ledger wallet campaigns.

I was supposed to post something similar to this topic, but fortunately, I saw the subject.

What I experienced is like this. I received an email titled "Security Patch: CVE-2025-4781" from a Verified Account named Ledger. It was pretty obvious it was a phishing email, but it could still fool someone.

Yes, I also received this email, I saw it now. But the link in this email is not working now, the website of the link is down.

[UserU]

Is your e-mail publicly known? If not, then either these hackers got it from a data leak (probably bought from some hacker from the dark web) or one of the sites you signed up for sold your info.
Quite weird you got that phishing e-mail, 'cause I didn't even though my e-mail is plastered everywhere (not that I wanted one), especially in this forum. 

Ledger is like a gold mine, pretty sure those emails are premium when resold to different hackers.

[albon]

I once used this email in a Ledger campaign, and the scammers are sending Ledger phishing links in that email. So it's clear that this is a targeted attack by scammers whose database was with Ledger.

Our contact information has been leaked to scammers because hackers were able to steal our information from Ledger's database. So the emails of those who participated in any of Ledger's campaigns are still available to scammers. So they are targeting ledger users using that database, because they have contact information of ledger wallet users and participants in any of the ledger wallet campaigns.

I agree with that, and it's good that you warned the community about this phishing email that some people might receive if their email addresses were part of Ledger’s database..

Many believe that owning a hardware wallet means they are completely safe, but their wallets could still be compromised if they trust any email they receive without verification and connect their device through those dangerous phishing links..

The message looks very convincing, especially since it includes a verification badge next to the name “Ledger,” but if we check the sender’s email address, we’ll find that it’s not official.. It is best to change this leaked email to another email address and keep it away from the public.

The link in this email is not working now, the website of the link is down.

I am glad to hear that, and I expect they might come back again with another domain. For this reason, I need to be careful when dealing with emails.. Also, it would be positive to report these phishing domains as soon as we see them, because doing so will help protect many people from falling victim.

[Coyster]

Scammers targeting Ledger customers is a scenario we have seen and talked about a million times over. Ever since Ledger lost their customer database, the attacks have been nonstop. Designed in different ways, but the goal is to steal from the person if they are gullible or ignorant to fall for it. I even remember that a couple of months ago, some scammers attacked Ledger customers through sending phishing letters to their physical mail. That was something i had never seen before.

That said, OP is good that you warned people about it. I don't expect people to fall for this kind of scams, but people fall for cheaper scams, so the warning is pertinent.