Industry Exec Sounds Alarm on Ledger Phishing Letter Delivered by USPS
A recent phishing attack has sent shockwaves through the cryptocurrency community, with a scammer posing as Ledger, a reputable hardware wallet manufacturer, sending physical letters to crypto users instructing them to "validate" their wallets or risk losing access to funds.
The incident reveals the ever-evolving tactics scammers employ against the crypto community and serves as a reminder to remain vigilant. The phishing letter, which featured a QR code supposedly linked to a malicious phishing site, was sent through the United States Postal Service (USPS), according to BitGo CEO Mike Belshe.
"These are all scams, do not fall for any of these," Troy Lindsey wrote after receiving a copy of the phishing letter. His warning echoes the cautionary tale of other recent phishing attacks that have targeted crypto users, highlighting the ever-evolving complexity and tactics of social engineering scams designed to steal crypto private keys, user funds, and other sensitive data from unsuspecting victims.
This phishing attempt highlights the need for crypto users to be cautious when receiving unsolicited communications, especially those that seem too good (or bad) to be true. It also underscores the importance of verifying the authenticity of any communication or request for sensitive information before taking action.
The Rise of Phishing Attacks in Crypto
Phishing attacks have become a significant concern for the cryptocurrency community, with scammers using increasingly sophisticated tactics to trick users into divulging sensitive information or compromising their accounts.
In recent months, there have been several high-profile phishing attacks targeting crypto users, including a $330 million Bitcoin heist in April 2025. According to onchain detective ZackXBT, two suspects were identified as 'Nina/Mo' and 'W0rk,' who operated a call scam center in Camden, UK.
Another recent incident involved Coinbase, which was targeted by phishing scammers who demanded a $20 million ransom after customer service contractors leaked user data to threat actors. The exchange refused to pay the ransom, but the incident highlighted the importance of robust security measures to protect user data and accounts.
The Importance of Verification
In the face of these increasing phishing attacks, it is essential for crypto users to remain vigilant and verify the authenticity of any communication or request for sensitive information before taking action.
"The fact that Coinbase refused to pay the ransom and instead took steps to protect its customers highlights the importance of verifying the authenticity of any communication or request for sensitive information," said TechCrunch founder Michael Arrington. "If a company is willing to pay a ransom, it's likely because they are not taking adequate security measures to protect their users' data.
"This will lead to physical violence against customers exposed in the hack, as the scammers will continue to target them with phishing attacks and other forms of cybercrime. It's crucial that companies prioritize user security and take proactive steps to prevent these types of incidents."