Hackers Send Physical Phishing Letters Impersonating Trezor and Ledger to Trick Users

The hackers primarily targeted the customers of two cryptocurrency wallet security firms.

Advertisement
Written by Dhruv Raghav, Edited by David Delima | Updated: 17 February 2026 17:50 IST
Highlights
  • Hackers sent physical letters to dupe crypto customers
  • The fake letters carried a QR code redirecting to a scam site
  • The company clarified that it doesn’t contact the users first

Crypto hackers were duping customers to reveal their account recovery phrases

Photo Credit: Unsplash

A cybersecurity expert has warned that hackers have now started targeting customers of a cryptocurrency wallet security company, ironically sending physical letters to users, to access their crypto wallet recovery phrases. Recently, a report highlighted that bad actors have started duping industry leaders and stakeholders with fake Zoom video conferences and compromised Telegram accounts. In the last few years, crypto scams have become increasingly sophisticated, and bad actors have become more crafty with their tricks.

Fake Letters Impersonating Cryptocurrency Wallet Security Firms Carried Signatures of Executives

In a post on X, Dmitry Smilyanets, a cyber threat intelligence expert and Senior Director of Product Management at Recorded Future, has highlighted that a group of hackers has sent fake physical letters to multiple customers of Trezor, a cryptocurrency wallet security company, impersonating the firm. He pointed out that the letter carries a hologram and a QR code to a fake website. The hackers have also used the signature of Trezor CEO, Matěj Žák, in an attempt to dupe customers.

Advertisement

Separately, an X user has also posted, claiming that Trezor is not only the company that cryptocurrency hackers are impersonating. Similar letters, with the company letterhead, were reportedly mailed to the customers of Paris-based Ledger, another cryptocurrency security firm. The fake Ledger letters followed the same format, including the signature of the company's Chief Technology Officer (CTO), Charles Guillemet.

Both letters were shown to have a similar subject line, informing customers that Trezor and Ledger will “soon” make the authentication of each transaction “mandatory”, calling it a new security feature to “provide greater confidence” in the safety of their transactions.

The fake letters then instructed recipients to scan the QR code with their smartphones and follow the steps shown on the screen to avoid service disruption. Smilyanets highlighted that this QR code redirects users to a “scam website”, which is designed (via Crypto.News) to steal the account recovery phrases of customers, consequently gaining unauthorised access to their wallets.

Replying to the post, Trezor confirmed that the company “never” contacts its customers first, while warning users to “never share” their wallet backup with anyone. The firm advised users to verify the official channels before moving forward. “Stay safe out there, everyone,” Trezor said in a statement.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Amazon Prime Day 2026: Best Deals on iQOO Smartphones
  2. Best Camera Phones Under Rs. 30,000 for Content Creators in India
  3. Amazon Prime Day 2026: Best Deals on Fire TV Stick and Streaming Devices
  1. Amazon Prime Day 2026 Laptop Deals: Best Discounts on HP, Asus, Lenovo, Dell, Acer Models
  2. Best Camera Phones Under Rs. 30,000 for Content Creators in India: Motorola Edge 70 Fusion, Galaxy F56, More
  3. Boat Stone 900 Launched in India With Up to 80W Sound Output, Up to 15 Hours Audio Playback: Price, Features
  4. Cyberpunk 2077 Has Sold 40 Million Copies, CD Projekt Red Confirms
  5. Nothing Phone 1 Receives Final Software Update With Latest Security Patches, Bug Fixes and Improvements
  6. Nokia 235 4G (2026), 215 4G (2026) Launched Alongside Nokia 210 4G, and 200 4G With AI Assistant Button
  7. Samsung Galaxy S27 Ultra Battery Details Leaked; Could Top iPhone 18 Pro Max's Battery Capacity
  8. OnePlus Ace 7 Series Tipped to Feature 185Hz Display, 9,000mAh Battery
  9. WhatsApp Rolls Out Primary Device Support on iPad, Tests New Setup Screen for Android Tablets: Report
  10. Government Directs App Stores to Remove Malicious Apps Used to Disrupt E-Rickshaw Operations: Report
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.