Crypto Scam Targets Ledger Users With Fake Security Letters
Scammers aren’t just sliding into inboxes anymore — they’re sending letters straight to your home.
Some Ledger customers are reporting a disturbing new scam — fake letters arriving in the post, posing as urgent communications from the company’s security team, and asking for access to wallet recovery phrases.
Crypto trader Jacob Canfield raised the alarm on 29 April after receiving one of these letters, which falsely claimed to be from “Ledger’s Security and Compliance.”
The letter warned of a “critical security update” and told recipients to share their 24-word recovery phrase, threatening restrictions on wallet access if they failed to comply.
Are Scammers Exploiting A Past Ledger Data Leak?
The letters appear to target victims of a previous data breach involving Ledger.
In 2020, hackers stole customer information, including names, emails, phone numbers, and home addresses of over 270,000 users.
This information was later leaked online, leading to a wave of phishing and physical scams.
According to Canfield, these new letters are being physically mailed to the victims of that breach.
He wrote on X,
“They are sending physical letters to the @Ledger addresses database leak requesting an ‘upgrade’ due to a security risk.”
The letter mimics official branding and uses fear tactics to convince users to give up their secret phrase — the only thing protecting their crypto assets.
Ledger Responds To Fake Letter Scam
Ledger responded quickly, confirming the letter is fraudulent.
In a warning to users, the company said,
“Scammers impersonating Ledger and Ledger representatives are unfortunately common. While we actively report and block scammers, we can't control what accounts — real or bots — choose to say in their emails, phone calls, bios or usernames on X. This remains an ongoing challenge across platforms.”
It followed up with a firm reminder to the community,
“Always remember: Ledger will never call, DM, or ask for your 24-word recovery phrase. If someone does, it's a scam. Stay cautious and keep your crypto safe.”
This type of scam is not new to Ledger.
Back in 2021, scammers mailed tampered devices to customers in an attempt to compromise their wallets.
The ongoing nature of these impersonation attempts is a reminder of how persistent and varied phishing efforts can be.
Confusion Over Recent Legitimate Letters From Ledger
To complicate matters, Ledger had recently run a legitimate letter campaign of its own, mailed between 5 and 7 November last year.
This official message was aimed at a small group — around 4,200 users — who purchased a Ledger device bundled with a one-year prepaid subscription to Ledger Recover.
The purpose was to remind them to activate their subscription before the code expired.
Ledger provided a scanned image of the legitimate letter and noted the points to check when verifying its authenticity. (Source: Ledger)
However, Ledger made it clear that even in these legitimate letters, users are never asked to provide their recovery phrase.
The company provided guidance for verifying if a letter is genuine, stating that official mail will only direct users to take action through the Ledger Live app and will always include a warning:
“⚠ Beware of phishing attacks. Never share the 24 words of your recovery phrase with anyone. Ledger will never ask for them.”
What Should You Do If You Receive A Suspicious Letter?
Ledger is urging users to remain alert.
If anyone receives a physical letter outside the scope of the November campaign, they are advised not to follow its instructions, not to share their recovery phrase, and to report the incident.
The company warned,
“Ledger will never ask for your 24-word Secret Recovery Phrase. Do not enter your 24-word Secret Recovery Phrase online.”
Canfield also urged Ledger to update its public guidance, noting that scam tactics have evolved beyond calls, texts, and emails — with physical mail now part of the threat.
Ledger has reassured its users about the robustness of its security,
“At Ledger, we've designed our technology so that your crypto and private keys remain safe, regardless of external incidents. Ledger devices are purpose-built to keep your assets secure and entirely under your control — always.”
Physical mail, it seems, has now become the newest front in the ongoing battle against crypto fraud.