Scammers are employing a new tactic to steal crypto holdings, mailing physical letters to Ledger wallet owners with the goal of obtaining their private seed phrases. These deceptive letters, which mimic legitimate communications from Ledger, pressure recipients into performing a ‘critical security update’ that exposes the phrase for access and ultimately theft. A recent example saw tech commentator Jacob Canfield receive such a letter, which purportedly came from Ledger demanding he complete an online validation process to reactivate his device. The letter threatened that failure to comply could result in restricted access to funds and potential losses. 2020 data breaches involving Ledger led to these targeted phishing attempts, with the company’s database being compromised and personal details of hundreds of thousands of users exposed. This raises concerns about a potential link between these attacks and the compromised customer data. It is important to note that Ledger has confirmed these letters are fraudulent and urges its customers not to engage with them.