Back
Hackers Send Physical Phishing Letters Impersonating Trezor and Ledger

Hackers Send Physical Phishing Letters Impersonating Trezor and Ledger

Cybersecurity experts warn of a mail-based phishing scam urging users to comply with fake authentication checks, threatening wallet access if ignored.

Fact Check
Multiple independent and credible cybersecurity news outlets and blogs report that physical phishing letters have been sent to owners of Trezor and Ledger cryptocurrency hardware wallets. These letters impersonate the companies in an effort to trick recipients into revealing recovery phrases or other sensitive information, often using QR codes linked to phishing websites. The reports provide detailed attack methods and align with user accounts and social media alerts warning of such scams. The evidence is consistent across reputable sources including a high-authority tech news publisher, cybersecurity blogs, and community reports, with no credible contradictory evidence found. While the statements originate from incidents in the crypto-theft space, the specificity and similarity of details strongly support the truthfulness of the claim.
Summary

Trezor and Ledger hardware wallet users are facing a phishing scam delivered through physical mail, according to cybersecurity experts. The fraudulent letters impersonate official notices and demand a mandatory authentication check before February 15, 2026, warning that access to the device will be revoked if ignored. These letters direct recipients to malicious sites designed to harvest seed phrases, enabling attackers to seize cryptocurrency assets. This incident highlights an ongoing shift in phishing tactics toward physical delivery channels to exploit trust in official-looking correspondence.

Terms & Concepts
  • Seed Phrase: A sequence of words generated by a cryptocurrency wallet, serving as the master key for restoring the wallet and accessing its funds.
  • Hardware Wallet: A physical device, such as those made by Trezor or Ledger, that stores private keys offline to protect against online hacking attempts.
  • Phishing: A fraudulent attempt to obtain sensitive information by disguising as a trustworthy entity, often through deceptive communication channels.