Ledger Impersonation Scams
Scammers impersonate Ledger — particularly after the 2020 data breach — to trick hardware wallet owners into revealing seed phrases. Ledger will never contact you to verify your recovery phrase.
Last reviewed: 1 June 2026
Ledger produces hardware wallets designed to keep cryptocurrency offline and secure. Because Ledger suffered a customer data breach in 2020, millions of real customer email addresses and phone numbers were exposed, giving fraudsters a ready-made targeting list. Victims receive convincing emails, physical letters, and texts urging them to 'verify' their Ledger device using a fake site that captures their seed phrase.
The crucial distinction: a hardware wallet's entire purpose is that the seed phrase never leaves the device. No legitimate Ledger process involves entering that phrase on a website or app outside the original device setup.
How scammers impersonate it
- Sending emails to breach-list victims claiming a new security update requires seed phrase confirmation
- Mailing physical letters with Ledger branding asking recipients to validate their wallet via a QR code
- Creating fake 'Ledger Live' applications distributed through unofficial download sites
- Running phishing campaigns during Ledger hardware announcements to capture interest
- Posing as Ledger support on Reddit and Telegram to offer 'wallet recovery assistance'
What the real organisation never does
- Ask for your 24-word recovery phrase via email, phone, or any website
- Require you to validate or re-sync your device by entering your seed phrase online
- Send physical mail requesting seed phrase verification
- Contact you proactively to discuss your wallet holdings
Common red flags
- Any request — digital or physical — to enter your 24-word seed phrase
- Emails referencing the 2020 breach and urging urgent action
- Ledger Live downloads from any site other than ledger.com
- QR codes in letters linking to non-ledger.com domains
- Telegram or Reddit 'Ledger support' accounts offering DM help
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
Physical letter: 'Dear Ledger customer, your device firmware must be updated. Scan the QR code and enter your recovery phrase to complete the process.'
Email: 'Critical Ledger security alert: validate your wallet at [fake-ledger-site] within 72 hours to maintain access.'
How to verify
- Download Ledger Live only from ledger.com/ledger-live — verify the URL carefully
- Understand that your 24-word phrase should only ever be entered on the Ledger device itself
- Treat any communication referencing your seed phrase as fraudulent regardless of how official it appears
- Check the Ledger security notices page at ledger.com for confirmed genuine alerts
What to do if you're targeted
- Do not enter your seed phrase anywhere — the request itself confirms fraud
- If your phrase was compromised, transfer all assets to a new wallet with a fresh seed immediately
- Report scam sites to Ledger via their security contact page
Frequently asked questions
I received a physical letter with Ledger branding — is it real?
Ledger does not mail customers asking for seed phrase verification. Physical letters making such a request are a known scam tactic — discard them.