The manufacturer of hardware crypto wallets, Ledger, has confirmed a new fraudulent scheme aimed at stealing users' seed phrases. Scammers are sending out paper letters that supposedly contain a notification about a 'critical security update.' The letter states that owners must confirm their wallets by entering the recovery phrase after scanning a QR code. The author of the letter warns of potential access restrictions to funds if the instructions are not followed. However, experts say this is a classic phishing scheme. Scammers use databases with leaked addresses to send out such letters. Ledger has confirmed that its employees never ask for recovery phrases and do not reach out to users first. Last year, scammers already sent phishing email notifications about a service hack. Users are advised to be extremely cautious and not to enter their secret phrases in response to suspicious requests.
