Ledger customers are now facing a significant increase in phishing attempts after a major leak of email and private information affected them in early 2020.
Crypto scammers have managed to conduct a successful scam that netted at least 1,150,000 XRP from unsuspecting Ledger users. As the world shifts to the digital space to combat the spread of COVID-19, more scammers and cybercriminals have emerged. These criminals have attacked almost every facet of the digital space, and cryptocurrencies have not been spared.
The latest scam utilized a phishing email well-designed to direct the unsuspecting users to a phony version of the Ledger site. They succeeded in doing that by substituting a homoglyph in the URL.
Interestingly, in this case, they used a character that resembles the letter ‘e’ but is not that letter. This strategy increases the scammers’ chances of success since some investors might not be keen to double-check the involved URL. After the victims were redirected to the fictitious site, they were tricked into downloading malware that was disguised as a security update.
This phishing scam (notice the fake domain lẹdger.com), has already stolen more than 1,150,000 XRP from @Ledger users. Please watch out!
We will follow the money. pic.twitter.com/Q8XD2awdo7
— XRP Forensics (@xrpforensics) November 2, 2020
The malware managed to drain the victims’ balances from their Ledger wallets. After the scammers collected the XRP funds, they sent them to Bittrex across five deposits, according to xrplorer, a community-operated fraud awareness platform. However, the exchange could not freeze the stolen XRP in time.
Ongoing Crypto Scam
In another continuing scam, there is a phishing email that is well-designed to appear to come from the official account of “Team Ripple”. In this email, the cybercriminals try to dupe Ledger users by floating an XRP giveaway. The purported giveaway aims for the “whitelisted addresses” as part of a “Community Support Program.”
Reviewing the registration process shows that it urges customers to hand over their Ledger seed phrase or crypto private key which, in turn, will allegedly qualify them for the scammer’s non-existent program.
Ledger is aware of a July 29, 2020 email that was sent to its users. That email was part of a major data breach that affected almost one million email addresses. Furthermore, the personal details of a subset of 9,500 customers were exposed. Although this attack that caused a leak on the Ledger website was speedily repaired, the damage was already done.
Today, the cybercriminals appear to be crafting ingenious strategies. They are using the addresses that they harvested to trick Ledger users into giving up their crypto funds.
Phishing Scams Are Not New
The strategy of crypto credential phishing via homoglyph-containing URLs is not a new phenomenon. These types of scams have targeted XRP holders throughout this year, even before the email leak.
In 2018, cybercriminals created a fictitious Binance site that even had an SSL certificate. But, keen users noticed the ‘n’ was replaced with a strange version that had an underdot (ṇ).
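An added example, not from the original article or from Ledger: a Python check that flags hostnames whose diacritic-stripped form matches a protected domain, covering both the lẹdger.com and the Binance (ṇ) cases described above. The PROTECTED list and all function names are assumptions made for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: the brands to protect, taken from the two cases in the article.
PROTECTED = ("ledger.com", "binance.com")

def to_unicode(host: str) -> str:
    """Decode punycode (xn--) labels so both spellings are compared alike."""
    try:
        return host.encode("ascii").decode("idna")
    except UnicodeError:
        return host  # already Unicode, or not valid IDNA

def skeleton(host: str) -> str:
    """Strip combining marks: 'ẹ' -> 'e', 'ṇ' -> 'n'. Diacritics only;
    cross-script lookalikes (e.g. Cyrillic) need a confusables table."""
    decomposed = unicodedata.normalize("NFKD", host.casefold())
    return "".join(c for c in decomposed if not unicodedata.combining(c))

def in_domain(host: str, domain: str) -> bool:
    """True for the domain itself or any of its subdomains."""
    return host == domain or host.endswith("." + domain)

def classify(url: str) -> str:
    """Classify a full URL (scheme included) as 'genuine',
    'lookalike:<brand>', 'non-ascii' or 'other'."""
    host = to_unicode((urlsplit(url).hostname or "").rstrip("."))
    for brand in PROTECTED:
        if in_domain(host, brand):
            return "genuine"
    for brand in PROTECTED:
        # Raw host differs from the brand but collapses onto it: homoglyph.
        if in_domain(skeleton(host), brand):
            return "lookalike:" + brand
    return "other" if host.isascii() else "non-ascii"
```

A mail gateway or proxy could run such a check on every link and block or warn on any "lookalike" result, including links written in their xn-- punycode form.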
Earlier this year, developers of a phony Google Chrome extension for Ledger successfully stole 1.4 million XRP within a month.
Wanguba Muriuki is a content crafter passionate about putting everything into writing. He is passionate about Blockchain and Traveling. He is also an experienced creative and technical writer. Everything and everyone has a story to tell. What better way to capture the real story than in words.