A new wave of the ‘fake Ledger’ scam has emerged, leaving high-net-worth individuals vulnerable to theft, as revealed by SlowMist founder Yu Jian. This deceptive tactic involves sending counterfeit Ledger devices along with fake instruction manuals that urge users to enter their legitimate recovery phrase into a fraudulent application. The attack aims to steal cryptocurrency held within the user’s real Ledger device. This scheme was first reported in 2021, and has since been modified by attackers to incorporate preset recovery phrases or tamper with random number generators to further deceive victims. Experts warn that while physical phishing attacks may seem uncommon, they have a surprisingly high success rate due to their ability to target individuals of considerable wealth.