Watch Out: Fake Ledger Hardware Crypto Wallets Mailed - Scammers Try Out USB Social Engineering Trick

Bleeping Computer reported scammers mailed fake Ledger hardware crypto wallets to Ledger users. The scammers used several pages from the social engineering playbook. The devices arrived in neat, shrink-wrapped packaging along with a letter. The phony letter cited an actual data leak in 2020. The letter said the user’s data was leaked and the device needed to be replaced. Ledger did suffer a data breach in June 2020 after an unauthorized person accessed their e-commerce and marketing database that spawned a lot of phishing scams. The devices were analyzed, and it appears that it’s a USB drive that drops malware. Once the user enters their recovery seed it could be game over. Sounds like the old USB drop attack with a twist. Bleeping Computer has story and pictures of device. Ledger added this one to their phishing alert page. Do you think this social engineering scam will be successful?

1 Like

Privacy Policy | Terms of Service