Cryptocurrency like Bitcoin has exploded in popularity over the last five years. Those who are really interested in the financial benefits go to great lengths to make sure they have everything they need to be successful.
And just like money in the real world, you need to store your cryptocurrency somewhere. Some users employ online companies to take care of their investments. Others prefer to keep all the details and credentials on their own hardware.
To do that, users need a secure way to protect the data, often through digital keys. Several companies sell digital keys, and most are no bigger than a USB drive. Cybercriminals have noticed this and are attempting to fake their way into the wallets of unsuspecting consumers.
Here’s the backstory
Targeting cryptocurrency enthusiasts who use Ledger’s Nano S and Nano X devices, scammers are trying to steal wallets from customers. The criminals send out fake devices to these users and tell them their current device isn’t secure.
This is naturally not the case, and once users plug the “secure” device into the systems, the criminals will be able to access and steal the content of the wallets.
The appeal in targeting Ledger users stems from the company’s ability to integrate with almost all cryptocurrencies, support various apps, and have sold over 1.5 million devices.
What you can do about it
In a blog post on the company’s website, Ledger acknowledges an active phishing campaign targeting its users.
The company suffered a data breach last year, exposing more than 1 million email addresses. It’s suspected that cybercriminals are using the stolen data to ship fake hardware to users.
The company warned that you shouldn’t use any device that has been sent to you if you didn’t request it.
“The fake letter explains that you need to replace your existing hardware wallet to secure your funds. This is a scam. The Ledger Nano is fake. A flash drive implant connects to the circuit board. It contains a file with a fake Ledger Live app,” Ledger explained on its website.
It added that when you connect it to your device, it will ask you to insert your 24-word recovery phrase into the fake Ledger Live app. This should also be a red flag, as the company points out that it will never ask you to share your 24-word recovery phrase.
If you are looking for reliable cryptocurrency wallet options, there are several to choose from.
Compatible with most cryptocurrencies, the Trezor One protects your assets against hackers, viruses and keyloggers. It can be used for cold storage and can be turned into a hot wallet for quick access to passwords and keys.
KeepKey claims to be one of the most secure Bitcoin wallets available. With bank-grade security, it is virus and malware-proof and supports several cryptocurrencies like Ethereum, Litecoin, Namecoin, Dogecoin and Dash.
For the real deal, the Ledger Nano S is one of the most popular hardware wallets available. By combining the Nano S with the Ledger Live app, you can be sure that your coins will be safe as it’s stored offline.
Cryptocurrency 101: Kim’s eBook for buying, selling and spending the safe way