Beware of phishing attempts

We've received reports from users falling victim to phishing attacks on social media such as Reddit, Twitter, Facebook. Users are either directly asked to provide their 24-word recovery phrase, or led to fake Ledger websites that ask them to enter their 24-word recovery phrase.

  Security tips

  • Reminder: Anyone with access to your 24-word recovery phrase can take your assets.
  • Never enter your 24-word recovery phrase anywhere else than on your Ledger device.
  • Ledger staff will never reach out to you on social media.
  • Only use our official contact form at https://support.ledger.com/hc/requests/new

We strongly encourage affected users to file a police report in their jurisdiction. Should you have any doubts or if you think you might be targeted by a phishing attempt, please contact us immediately: https://support.ledger.com/hc/requests/new

Detect phishing websites

Install the MetaMask browser extension to get a warning when visiting a domain that's been reported as a malicious website. 

detection.png

Examples of malicious attacks

Phishing website

phishing.png

Never enter your confidential 24-word recovery phrase on any other device than your Ledger hardware wallet!

phishing-2.png

Beware of fake emails impersonating Ledger pushing malicious software! 

phishing-mail.png

 

fake-app.png

Never enter your recovery phrase on any other device than your Ledger hardware wallet

fake-recovery.png

WARNING: Beware of phishing attempts!
Was this article helpful?
104 out of 112 found this helpful