JAN 16, 2024
How To Recognize Ledger Scams - Three Phishing Attempts Explored
Ledger spear phishing scams - Learn about the techniques they use to convince their victims to disclose wallet seed phrases.
In this post, we will explore three Ledger phishing scams so you can learn how to recognize them easily:
- First Phishing Scam: The victim's details are for sale on the dark web. One scammer who purchased the victim's details has organized a rather credible spear phishing attack.
- Second Phishing Scam: In this second case, the scammers appear to be still learning the basics, so their scam is rather basic with a very low probability of success.
- Third Phishing Scam: The scammers have put effort into creating a credible phishing website that, when doing our research, was not yet flagged as malicious.
Recognizing 99% of phishing scams is quite straightforward if you know what to look for.
So, we hope that by the end of this post, you will have learned how to stay clear of most phishing attacks.
First Ledger Scam - We Know Who You Are
In this first Ledger phishing scam, the victim receives a phishing email stating that urgent action is required to ensure that the victim's Ledger account remains safe and available.
The email mentions the victim's name, surname, and phone number, which makes it more credible and greatly increases the probability that an unsuspecting victim falls for this scam.
This first Ledger Scam is an example of a Spear Phishing Scam.
Nobody should open a phishing email because most of those emails contain invisible tracking pixels that will notify the scammer and provide valuable information about the victim.
Or, even worse, opening a phishing email can be a step towards a sophisticated Man-in-the-middle (MitM) attack.
But anyone can have a bad day, and you may accidentally open a phishing email.
Just note that this action, opening a phishing email, will have consequences even if you don't click on any malicious link or attachment.
The sender of this first phishing email is 'lmsalertsATacquiroleadsDOTcom', a domain (acquiroleadsDOTcom) unrelated to Ledger.
A legitimate email from Ledger will be sent from the domain ledger.com, like the email from the example below.
Or the email from the example in the picture below, sent by a legitimate Ledger subdomain (news.ledger.com). Subdomains are a way to organize and structure websites, and they are created by adding a prefix (such as "news") to the main domain (in this case, "ledger.com").
So, "news.ledger.com" is a subdomain of "ledger.com".
An email from an unrelated domain, in this case from acquiroleadsDOTcom, should already be a clear indication that this is a phishing email, and anyone should close the email at this point, send it to the trash bin, and report it.
Like we have done in this example.
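The sender-domain check described above, written out as an added example (not code from the original post): it accepts only ledger.com or a genuine subdomain of it and ignores the display name. The sample From headers and the function names are constructed for illustration.

```python
from email.utils import parseaddr

# Domain the article names as Ledger's legitimate sending domain.
TRUSTED_DOMAIN = "ledger.com"


def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of the address in a From header.

    The display name is ignored on purpose: the sender chooses it freely,
    so it says nothing about where the mail came from.
    """
    _display_name, address = parseaddr(from_header)
    if address.count("@") != 1:
        return ""  # unparsable or malformed address: treat as untrusted
    return address.rsplit("@", 1)[1].strip().rstrip(".").lower()


def is_trusted_sender(from_header: str, trusted: str = TRUSTED_DOMAIN) -> bool:
    """True only for the trusted domain itself or a genuine subdomain of it."""
    domain = sender_domain(from_header)
    if not domain:
        return False
    # Compare on label boundaries. A substring test would accept both of the
    # last two samples below; a bare endswith("ledger.com") accepts the last.
    return domain == trusted or domain.endswith("." + trusted)


# Constructed From headers for illustration (not taken from real mail and
# not known indicators).
SAMPLES = [
    "Ledger <support@ledger.com>",               # main domain
    "Ledger News <news@news.ledger.com>",        # legitimate subdomain
    "Ledger <alerts@unrelated-sender.example>",  # Ledger name, other domain
    "Ledger <help@ledger.com.mail.example>",     # trusted name as a prefix
    "Ledger <help@notledger.com>",               # trusted name as a suffix
]


def classify(headers=SAMPLES):
    """Return (header, domain, trusted?) for each From header."""
    return [(h, sender_domain(h), is_trusted_sender(h)) for h in headers]


if __name__ == "__main__":
    for header, domain, trusted in classify():
        print(f"{'OK     ' if trusted else 'REJECT '} {domain:28} {header}")
```

A failed check is enough to discard the message, but a passing one is not proof of legitimacy, because the From header is supplied by the sender. The SPF, DKIM and DMARC results recorded by the receiving mail server cover that case.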
You don't need to open phishing emails to learn about them.
Let us do it to show you what they look like and how they convince their victims to take actions that will be detrimental to them.
Most phishing emails use an amygdala hijack to induce panic and an irrational response from the victim.
The amygdala is a part of the brain that processes emotions, particularly the generation of strong emotional responses like fear.
An "amygdala hijack" occurs when the amygdala takes over and triggers a strong emotional reaction, often overriding logical or rational thinking.
Phishing emails often use tactics to induce panic or a sense of urgency to trick individuals into taking immediate action without considering the potential risks.
You should never click on any email attachments unless you are 100% sure that the email and attachments are legitimate.
But to show you what happens when you accidentally click on a malicious link, we have opened the phishing email attachment.
That, in this case, is a URL to a phishing page.
On this page, the scammer asks the victim to confirm their identity, and for that, the following personal information is mentioned: name, surname, email address, and home address.
You will ask yourself: How come the scammer has that much of the victim's personal information?
Well, this happens because data breaches are quite common, and some years ago, many Ledger customers were victims of one such data leak.
If you have a Google account, you can easily find out if your account has been leaked to the dark web.
Returning to our First Ledger Scam, the scammer asks the victim to confirm the device model.
Once confirmed, the scammer asks the victim to provide the wallet seed phrase, because this is by far the easiest and most profitable target.
Second Ledger Scam - Scammer Still Learning