- Scammers are imitating Ledger, pushing a fake update
- The fake Ledger email asks you to download a new Ledger Live app
- The fake Ledger app will steal your seed phrase and all your crypto!
Scams in the crypto world are often relatively easy to spot a mile off, but despite this, a LOT of people still fall for them. So, when a more well written and highly polished scam comes along, it usually does very well to harvest the data that the scammers want.
In the most advanced well-written phishing scam, scammers have mimicked Ledger, claiming malware on a Ledger Live server and that you need to click the link to update your software. Newsflash – it’s fake news.
Don’t Click the Link.
Whenever you get an email and great claims like this, you need to enter the suspicious mode automatically. Check the domain that the email is coming from and check it against the actual domain. Companies will always send emails using their existing domain name. When this doesn’t match up, you should automatically delete the email.
This phishing scam came from info@ledgersupport.io, but that’s not the Ledger URL, meaning it’s a scam.
Next up, we come to the link. This link will start the download of an app that reads like the Ledger Live app, and you’ll see a screen that looks just like the app. However, as soon as you try to restore your Ledger wallet, it will record your seed phrase, and you’ll lose all your crypto. So, do yourself a favor, don’t click the link.
But What Happens if it’s True?

If Ledger was to suffer some malware on its servers and you were required to update your Ledger Live app, it would be done automatically the next time you open up the app. The app communicates with the servers directly, and this is how you’d get updates for it. So, if there is a hack or something on Ledger’s servers, then anything you had to do would be automated.
Additionally, even if Ledger’s servers were compromised, as long as you don’t share your seed phrase with anyone, your crypto CANNOT be stolen. We repeat, if you don’t share your seed phrase, your crypto CANNOT be stolen. So, whatever you do, make sure you never, ever enter this phrase unless you’re 100% certain that it’s the legitimate Ledger Live app.
I Clicked the Link…
Suppose you saw the email, freaked out, and clicked the link. In that case, you probably should get some professional help from a psychologist and find out why you’re so terrified of these types of emails. If you don’t understand how wallets work and how secure they are, you probably should take a course and learn before you buy back into crypto.
If you clicked the link, that’s on you, not Ledger and not us. Ledger will not get your funds back because you shared your seed phrase with a scammer. You can kiss your crypto bye-bye because that’s never coming back.
No Comment