A dangerous new crypto scam has emerged, and it’s coming straight to users’ homes. Scammers are physically mailing fake letters posing as official Ledger communications, urging recipients to reveal their 24-word recovery phrases under the guise of a critical “security update.”

Shared by tech influencer Jacob Canfield on April 29, the fraudulent letter includes a QR code and falsely claims to come from Ledger, complete with official branding and a reference number. The letter warns that failure to comply may lead to restricted wallet access — a classic scare tactic used in phishing attacks.

The goal is to trick Ledger users into handing over their seed phrases, which would give scammers full control over the victims' crypto assets. A seed phrase is essentially the master key to a hardware wallet. If compromised, the user’s funds can be instantly stolen.

The scam appears to target customers impacted by Ledger’s infamous 2020 data breach, where over 270,000 users had their names, phone numbers, and addresses leaked. Many of those affected have since reported ongoing phishing attempts, including fraudulent emails and even tampered Ledger devices sent by mail.

Ledger has confirmed the letter is a scam, warning users to never share their recovery phrases — not online, over the phone, or in any form. The company reiterated that it will never contact users to request such sensitive information and encouraged users to ignore any unsolicited offers of help or account recovery.

This latest wave of attacks highlights the lingering dangers from past data breaches and reinforces the need for crypto users to stay vigilant against evolving scam tactics.