Ledger owners have reportedly lost more than 1,150,000 XRP following a surge in phishing attempts involving the cryptocurrency hardware wallet.
According to XRP Forensics, a massive phishing scam has stolen more than 1.15 million XRP from Ledger users using a fake domain resembling the official website. The Twitter account warned users to pay careful attention to the URL of the Ledger website before initiating an update.
This phishing scam (notice the fake domain lẹdger.com), has already stolen more than 1,150,000 XRP from @Ledger users. Please watch out!
We will follow the money. pic.twitter.com/Q8XD2awdo7
— XRP Forensics (@xrpforensics) November 2, 2020
A subsequent tweet explained the stolen XRP was sent in five payments to the cryptocurrency exchange Bittrex, which was unable to catch the funds in time to intervene.
The scam used a phishing email to direct users to the fake domain in order to update their wallets. Once there, victims were tricked into downloading malware which emptied their accounts.
A similar scam also involves the use of phishing emails which appear to originate from an official account for “Team Ripple.” The scam email asks users to whitelist their wallet addresses in order to participate in a fake “Incentive Plan” that will distribute over 5 billion XRP.
— Ryan (@whatxrpdid) November 5, 2020
In a blog post published in July 2020, Ledger admitted to a major data breach that resulted in millions of email addresses and personal data of 9,500 customers being compromised.