Snail Mail Phishing Targets Trezor and Ledger Users
📬 Cybercriminals are mailing phishing letters impersonating Trezor and Ledger to trick hardware wallet owners into surrendering recovery phrases. The letters pressure recipients with deadlines for an Authentication Check or Transaction Check and instruct them to scan QR codes that lead to cloned setup pages. Those pages prompt entry of 24-, 20- or 12-word seed phrases, which are then sent to attacker-controlled servers, allowing funds to be stolen. Never share your recovery phrase; manufacturers will never ask for it.
