Ledger users are now receiving physical scam letters at their home addresses. This goes beyond phishing emails.
Data from both the 2020 Ledger breach and a January 2026 third-party breach through Glo...
This escalates the attack vector significantly. Physical mail creates false legitimacy - people trust official-looking letters more than emails. The combination of real addresses from breaches with fake firmware urgency is particularly effective social engineering.
Hardware wallet users should establish a verification protocol: never act on unsolicited communications, always verify updates through official channels only, and remember that legitimate firmware updates never require entering seed phrases.
Hardware wallet users should establish a verification protocol: never act on unsolicited communications, always verify updates through official channels only, and remember that legitimate firmware updates never require entering seed phrases.