Scammers impersonating hardware wallet manufacturer Ledger are sending physical letters to cryptocurrency users, asking them to "verify" their wallets, or risk losing access to their funds, marking a new wave of phishing attacks affecting the industry.
BitGo CEO Mike Belshe shared a picture of a scam letter that included a QR code, which could lead to a malicious phishing website. According to the executive, the letter was sent through the United States Postal Service (USPS).
"These are scams, do not be fooled," Troy Lindsey wrote after receiving the phishing email.
Cointelegraph reached out to Ledger for comment but had not received a response by the time of publication.
This phishing attempt highlights the evolving complexity of social engineering scams designed to steal cryptocurrency private keys, user funds, and other sensitive information.
Coinbase and cryptocurrency users faced a serious phishing attack
In April 2025, an elderly person lost $330 million worth of Bitcoin (BTC) through a phishing attack, a situation confirmed by blockchain detective ZachXBT in a post on April 30.
On May 15, Coinbase announced that it had become a target of a ransomware attempt, as its customer service contractor leaked user data, which was subsequently terminated by the company. The scammers demanded a ransom of $20 million, which Coinbase refused to pay. The leaked data included names, addresses, contact information, and other sensitive account data.
In the data breach, private keys, login credentials, or access to Coinbase Prime accounts were not affected.
