Registration
 
All news
Top Stories
Editors' Picks
Crypto News
Financial News
Market Voices
Billionaires
Companies
Broker News
Regulators News
Andrey Mastykin
Andrey Mastykin

Ledger and Trezor customers face new phishing campaign

Ledger and Trezor customers face new phishing campaign
Mailed scam targets hardware wallet users

​Cryptocurrency users who rely on hardware wallets are facing a new wave of increasingly sophisticated scams, as fraudsters shift tactics from online phishing to physical mail.

Highlights

  • Scammers are sending fake physical letters to Ledger and Trezor users.
  • Victims are urged to scan QR codes and enter recovery phrases on phishing sites.
  • Recovery phrases grant full wallet access and should never be shared.

Authorities and cybersecurity researchers warn that owners of Ledger and Trezor devices are receiving letters at their home addresses that impersonate official company communications and attempt to trick them into surrendering their wallet recovery phrases, Сryptopolitan reports.

Physical mail scam targets hardware wallet users

The fraudulent letters, reportedly printed on branded letterhead, claim to come from the security or compliance departments of Ledger and Trezor. Recipients are told they must complete mandatory authentication or transaction checks to avoid losing access to certain wallet features.

In one example reviewed by cybersecurity expert Dmitry Smilyanets, Trezor users were instructed to complete an “authentication check” by February 15 or risk losing access to the Trezor Suite. The letter stated: “Note: While you may have already received the notification on your Trezor device and enabled Authentication Check, completing this process is still required to fully activate the feature and ensure your device is synchronized with the full functionality of Authentication Check.”

The letters direct victims to scan QR codes that lead to phishing websites designed to closely resemble official company domains. These websites then request users’ recovery phrases under the guise of device verification.

How the scam works

Once victims enter their recovery phrases, the data is transmitted to attackers, granting them full access to the associated crypto wallets. A recovery phrase is effectively a human-readable representation of the private key controlling the wallet. Anyone with access to it can move funds without restriction.

Browser security tools have flagged at least one of the phishing domains as malicious. A warning displayed in Chrome cautions users that attackers may attempt to trick them into revealing sensitive information.

It remains unclear how the scammers obtained users’ physical addresses. Both Ledger and Trezor have experienced data breaches in previous years that exposed customer information, raising concerns that leaked data may be fueling the campaign.

Companies urge vigilance

Hardware wallet manufacturers have repeatedly emphasized that they will never request recovery phrases under any circumstances. Such phrases should only ever be entered directly on the hardware device itself, not on a website or shared with anyone.

The shift to physical mail underscores the evolving tactics used by crypto criminals, who continue adapting their methods as digital users grow more security-aware.

Why it matters

The campaign highlights the persistent risks facing crypto investors, even those using hardware wallets considered among the safest storage options. Physical phishing attempts show that attackers are exploiting past data leaks to target victims offline. Users who disclose recovery phrases risk irreversible loss of funds, reinforcing the importance of strict self-custody security practices. 

Read also: Senators seek national security review of UAE stake in WLFI

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.

Editor's Picks for You

How to build wealth from scratch in 3 practical steps
  • By Johnathan Maverick
  • 20 hours ago
How to build wealth from scratch in 3 practical steps
Editors' Picks
Kospi Index crash: Why South Korean market fell alongside AI stocks
  • By Eugene Komchuk
  • 23 hours ago
Kospi Index crash: Why South Korean market fell alongside AI stocks
Editors' Picks
Bitcoin or Ferrari: Which investment is better?
  • By Mira Kyivska
  • Yesterday
Bitcoin or Ferrari: Which investment is better?
Editors' Picks
All Editors' Top Picks

Latest Crypto News

EU crypto rules raise compliance costs, reshaping Web3 competition
  • By Dan Blystone
  • 14 hours ago
EU crypto rules raise compliance costs, reshaping Web3 competition
Crypto News
#Crypto #Cryptoreg
MetaMask launches wallet for AI agents with DeFi access
  • By Olga Shendetskaya
  • 15 hours ago
MetaMask launches wallet for AI agents with DeFi access
Crypto News
#Crypto
Sam Bankman-Fried formally seeks pardon from Trump
  • By Eugene Komchuk
  • 15 hours ago
Sam Bankman-Fried formally seeks pardon from Trump
Crypto News
#Crypto #FTX
All Crypto News
  • Johnathan Maverick
  • 20 hours ago
How to build wealth from scratch in 3 practical steps
  • Eugene Komchuk
  • 23 hours ago
Kospi Index crash: Why South Korean market fell alongside AI stocks
  • Mira Kyivska
  • Yesterday
Bitcoin or Ferrari: Which investment is better?
  • Mira Kyivska
  • 06.06.2026
Strategy sells Bitcoin: Small sale tests market confidence
  • Mikhail Vnuchkov
  • 05.06.2026
Ledger vs. Trezor: Search for ideal crypto wallet
  • Jose Antonio Gastelum
  • 36 min ago
Bitcoin seen as digital capital over XRP, Adam Livingston notes
  • Yulia Slavina
  • 56 min ago
Mohamed A. El-Erian: OpenAI joins SpaceX and Anthropic in major IPO wave
  • Parshwa Turakhiya
  • 1 hour ago
Brad Setser: China monthly trade surplus tops $100 billion despite oil price shock
  • Andreas Kristo
  • 2 hours ago
Joe Weisenthal: SpaceX IPO likely to draw strong retail participation despite risks
  • Yaroslav Dmytrenko
  • 2 hours ago
Bitcoin trades near $62,864 with lower lows signaling weakness, Anndy Lian notes
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.
Top News
  • Eugene Komchuk
  • 15 hours ago
Sam Bankman-Fried formally seeks pardon from Trump
Sam Bankman-Fried formally seeks pardon from Trump
  • Ivan Andriyenko
  • 18 hours ago
Hayes dumps WLD days after Maelstrom's bullish call
Hayes dumps WLD days after Maelstrom's bullish call
  • Hanna Syniavska
  • 21 hours ago
Powell warns Trump pressure on Fed could threaten markets
Powell warns Trump pressure on Fed could threaten markets
  • Igor Krasulya
  • 22 hours ago
Nvidia bets on South Korea in AI infrastructure race
Nvidia bets on South Korea in AI infrastructure race
  • Olga Shendetskaya
  • 23 hours ago
Oil rises above $97 after new Israel-Iran exchange of strikes
Oil rises above $97 after new Israel-Iran exchange of strikes
Live News
  • Anton Kharitonov
  • Now
Alphabet decline intensifies amid record AI investment
  • Anton Kharitonov
  • Now
Microsoft declines amid AI expectation reset, but fundamentals remain strong
  • Dmytro Kharkov
  • Now
Snowflake tests post-earnings breakout as AI rally faces first challenge
  • Anton Kharitonov
  • Now
Apple under pressure as investor skepticism grows
  • Dmytro Kharkov
  • Now
Nvidia tests key support as Jensen Huang calls AI sell-off a buying opportunity
Who We Are
Business Solutions
For Users
TU News
Popular Sections
Disclosures
CONTACT US
Legal
We are in Social Media
© IAFT Ltd., 2010-2026 All rights to the website are owned by IAFT Ltd.,
Registration number - HE 336186
  • Risk disclosure:

    Information on the TradersUnion.com website is for informational purposes only and does not constitute any motive or suggestion to visitors to invest money. Moreover, we hereby warn you that trading on the Forex and CFD markets is always a high risk. According to the statistics, 75-89% of customers lose the funds invested and only 11-25% of traders earn a profit. Trading in futures and options carries substantial risk of loss and is not suitable for every investor.

    That is why you should only invest money that you are prepared — or can afford — to lose at such high risks. Tradersunion.com does not provide any financial services, including investment or financial advisory services. Also, the Traders Union is not a broker and does not get money for trading in the Forex or CFD markets. Our website only provides information on brokers and the markets and helps its users to select the best brokerage company based on detailed information and objective analysis of brokers.

  • Disclaimer:

    Traders Union (TradersUnion.com) shall not be liable for the consequences of trading decisions made by the Client and for the possible loss of his capital resulting from the use of this website and information published on it.

    Forex market, CFD and cryptocurrency trading involves high risks and is not suitable for everyone. Before investing money, you need to adequately assess the level of your expertise and be aware of the risks, particularly in the context of trading with leverage. The information on this website is not intended for distribution or use by any person in any country or jurisdiction, where such distribution or use would be in violation of the local law or regulation. Any payments by Traders Union (TradersUnion.com) to the users of our website shall be legally interpreted solely as an incentive on our part for the activity on the website in the form of a deduction of a part of the advertising income; they shall not be a subject of any claims of our users or our obligations, a subject of disputes, as well as cannot be considered in relation to the services provided to users by brokers, both in fact and in their completeness and volume. The administration of the website shall not be liable for the content of user comments and reviews about the companies and shall not verify whether the authors of the reviews are indeed real clients of a specific company. All reviews, both negative and positive are published on the website without verification of their reliability; only offensive reviews that call for violence or any kind of discrimination and also reviews published from one group of IP addresses are moderated and removed. The authors of the materials shall be fully liable for the accuracy, completeness and impartiality of any information in the articles and reviews, including in the context of their use or mention of any brand names or trademarks. All mentions of the names of companies and their brands in any materials on the website shall be made in the context of communication of socially important information to the people about their activities by independent journalists, who are the authors. All evaluations and indicators on the website express the subjective opinion of the authors of the reviews (articles) and shall not be viewed as accurate statements and be a subject of disputes and claims against Traders Union.

  • Disclosure of advertisers and revenues:

    All the services on the Tradersunion.com website are free for you to use. Our team spends thousands of hours per annum researching brokers and gathering information about them to help investors all over the world to choose reliable companies and to avoid fraudsters.

    Indeed, the curating, sourcing, and organization of this process requires substantial financial investment by Tradersunion.com, which the website earns in the form of advertising payments. There are two types of advertising services on the website — direct advertising or partner (broker) participation programs. However, no services purchased by our partners shall affect the recommendations on our website, or our opinions, or ratings. Our ratings are based on our objective rating criteria and methodology; and the results are always equally and fairly applied to each broker. The work of our content authors and research groups does not involve any interaction with our advertisers and they do not have access to data concerning the amount of advertising purchased. For over 10 years we consider our independence, absolute openness, and objectivity as our main priority. Please follow the links to each of our affiliated broker’s websites. This will help Tradersunion.com to continue to provide our services to you for free.

onepercentfortheplanet.org World Association of News Publishers https://gdpr.eu/ GDPR