Ledger, the company behind popular cryptocurrency hardware wallets like the Nano S and the Nano X, has revealed that users are facing phishing attacks that are originating from hacked YouTube accounts. The company urged users not to share their 24-word seed phrases.
Ledger has revealed that it is facing a phishing attack that is stemming from hacked YouTube accounts. Several videos have been posted under the channel names ‘Ledger’ and ‘Ledger Nano,’ urging users to sign up for a compromised web wallet that promises them free funds.
We're facing phishing attacks using hacked YouTube accounts.
Ledger isn't affiliated to this and we reported these accounts @YouTube.
We encourage impacted users to report those and contact local police if needed.Remember: Never share your 24-words. https://t.co/2h2sgFAeNr pic.twitter.com/vCZ92sROdH
— Ledger (@Ledger) January 27, 2020
The official statement provides additional words of caution, saying that “Ledger users are continuously targeted by phishing attacks on social media, search engines and via email.”
Hardware wallets are considered to be one of the most secure methods of storing funds and are recommended for anyone holding cryptocurrencies. These wallets require physical keypresses on the device to complete transactions, but this does not seem to have stopped thieves from attempting to lure unsuspecting investors.
Phishing Still One of the Most Common Techniques
Phishing is by far one of the most popular ways attackers steal funds. Unfortunately, many are still uninformed and continue to provide sensitive information to compromised websites, under the impression that they will receive airdrops or free funds.
Anti-virus and cybersecurity firm Kaspersky reported at the peak of the market’s capitalization that phishing attacks are prevalent, and described how users could prevent falling for increasingly believable phishing attempts.
On Ledger’s part, it has asked users to install the MetaMask browser extension, which warns users when they are visiting a website that has been reported as a phishing trap.
2019 Saw a Reduction in Total Funds Stolen
Earlier this month, BeInCrypto reported that exchange hacks in 2019 had increased but the amounts stolen had reduced considerably. The total stolen in 2019 was roughly $283 million, which is a drastic drop from the $875 million stolen in 2018. Although malicious attacks have grown both in number and sophistication, phishing attacks still remain to be one of the simplest to pull off. The total amount of funds stolen in 2019 totaled roughly $283 million — a drastic drop from the $875 million stolen in 2018.
In response, cryptocurrency exchanges have poured additional resources into securing funds, and have been urged to continue to do so by cryptocurrency data firm Chainalysis in its 2020 Cyber Crime Report.