Fraudsters who pretend to be a ledger, a hardware letter pocket manufacturer, send physical letters to crypto users who instruct them to “validate” their wallets or to “validate” access to funds to influence the industry.
Mike Beltshe, CEO of Bitgo, shared an image of the fraud letter with a QR code that was probably linked to a malicious phishing site. According to the chief, the letter was sent via the US postal service (USPS).
“These are all fraud that doesn’t fall on any of them,” wrote Troy Lindsey after receiving a duplicate of the Phishing letter.
A duplicate of the fraud -phishing letter. Source: Mike Beltshe
Cointelegraph turned to a comment on Ledger, but was not in a position to receive a solution on the time of publication.
This phishing attempt underlines the continually developing complexity and tactics of social engineering scams that steal crypto-private keys, user funds and other sensitive data from unsuspecting sacrifices.
Coinbase and crypto users beat hard through phishing attacks in 2025
In April 2025, 330 million US dollars on Bitcoin (BTC) were stolen by an older person by a phishing attack, confirmed Onchare Detective ZackxBT in a post on April thirtieth.
“Two suspects within the raid of 330 million US dollars are 'Nina/Mo' -a Somalian who operates a call fraud center in Camden, Great Britain -and a accomplice 'W0RK' that was supported and called with the web site and calling,” said the Onchain security analyst in an update.
https://www.youtube.com/watch?v=s0u1niwnzmi
On May fifteenth, Crypto Exchange Coinbase announced that the goal of a ransom attempt was after customer support entrepreneurs who were later dismissed by the corporate were leaked to threats.
The fraudsters called for a ransom of 20 million US dollars to refuse to pay Coinbase, and the stolen data contained names, addresses, contact information and a limited variety of other sensitive account details that belonged to a small sub -group from Coinbase customers.
During the leak, no private keys, login information or access to Coinbase -Prime accounts were affected throughout the leak.
The founding father of Techcrunch Michael Arrington was very critical of the exchange with security failure and argued that this can result in physical violence against customers who were uncovered within the hack.
