Skip to contentSkip to site index
Coinbase Logo
Sign In
Coinbase Logo

Security PSA: Ledger Phishing Attacks

By Coinbase Security Team

Company

, December 24, 2020

, 4 min read time

0*6sORLVx9IEeNCYg1.webp

At Coinbase, our Security team not only monitors the safety of our platform and customers’ funds, but also security threats and abuse trends impacting the larger cryptoeconomy. In December 2020, personal information stolen from Ledger, a third-party hardware wallet provider, was published on a hacking forum, resulting in a massive wave of phishing and extortion attacks against Ledger customers.

That’s the bad news. The good news is that with just a few simple steps, you can easily learn to recognize the most common attacks and protect yourself accordingly.

Personalized Extortion

Receiving an email like this can be pretty terrifying — which is precisely the goal of the attacker. Fear, shame, or embarrassment are common tactics used by extortionists to coerce their victims into paying funds, even when there’s no actual security risk.

While everyone’s personal circumstances are different, our general advice is to completely ignore messages like this. Most extortionists are looking for easy targets, and will generally move on if they don’t receive a response. Of course, if you do have concerns for your personal safety or receive escalated extortion attempts, you should contact local law enforcement immediately.

Ledger Impersonation

At first glance (and even at second glance), this email looks plausible, and it’s not easy to discern the fact that it is designed to fool you into downloading malware that will steal your cryptocurrency private keys.

As a general rule of thumb, if an email is asking you to do something that you’re not expecting or didn’t request, you should treat it with caution. Some phishing links and websites can look very realistic, so if you have any doubts about its authenticity, it’s better to visit the website directly by typing in the URL, or finding the top non-advertisement search result in any major search engine (yes, scammers abuse search engine ads too!)

If you receive an email claiming to be from Coinbase and you’re not sure whether it’s authentic, you can forward it to security@coinbase.com for verification.

SIM-Swaps and Other Attacks

Even if you don’t receive any phishing emails or extortion attempts resulting from the Ledger breach, the exposure of your personal information does put you at risk for other attacks, including SIM-swaps and increased targeting of your other exchange accounts and cryptocurrency holdings.

To help keep your Coinbase account(s) secure, we strongly recommend implementing the following steps:

  • Be on the lookout for targeted phishing emails claiming to be Coinbase. Please see our

     

    help article

     

    for more information about recognizing Coinbase-related phishing attempts.

  • Check your email at haveibeenpwned.com* or a similar third-party data breach monitoring site and ensure that you’re using strong, unique passwords for any account or email address that has been exposed in a previous breach.

  • Enable the strongest form of 2-step verification available to you for both your Coinbase account and your email. Please see our

     

    2-step verification

     

    help article for available options.

  • Set up a

     

    Vault Wallet

     

    to securely store your long-term holdings.

  • Check your Coinbase and email activity history often for any events that you do not recognize.

Additional security tips:

  • Create a strong unique and complex password for your email and Coinbase accounts (use a password that is long and random, stored in a password manager like 1Password or LastPass.)

  • Contact your mobile carrier and ask them about additional security measures you can put in place for your mobile device.

  • Regularly update your browser, phone, and computer to the latest versions to ensure you have applied all available security patches.

  • Read our

     

    security tips and best practices

     

    help article.

As a reminder, Coinbase Support will never call you directly, ask for remote access to your computer, ask you to send digital currency to an external address or ask for your security codes and passwords.

If at any time you believe your Coinbase account was compromised, see our account compromise help article to disable your account.

*This is a third-party website.

Coinbase logo

Company

Recent Stories

Coinbase Blog

Engineering,

Sep 22, 2023,

4min read time

Scaling Detection and Response Operations at Coinbase pt3

Screenshot 2023-09-22 at 3.20.42 PM

International,

Sep 22, 2023,

3min read time

Coinbase Obtains Bank of Spain Registration in Spain

Visual-1B_V1.png

Company,

Sep 19, 2023

A Call To Action: Mobilizing 52 Million Crypto Owners Into An Army of One Million Advocates For Change

Today we’re launching an effort to mobilize 52 million crypto owners – younger and more diverse than the US population as a whole – into a powerful force heading into the 2024 elections with an intense focus on nine key states.

Take control of your money. Start your portfolio today and get crypto.

Sign up for a Coinbase account today and see what the world of decentralized finance can do for you.

Get started