Meet the Top 101 in Crypto
Security
3 min read

QR Code Scam Letters Continue To Be Sent to Ledger Users

Published 02 October 2025
James Morales
Authors
Key Takeaways
  • Scam letters present an ongoing threat to Ledger users.
  • Letters use QR codes to direct victims to phishing websites.
  • Ledger has warned customers never to share their seed phrases.

More than four months after Ledger first flagged the tactic, scammers continue to target wallet owners with fake mail directing recipients to phishing sites.

The company now lists physical mail as the top scam threat users should be aware of, ahead of phone calls, scam NFTs, and fake social media accounts.

New Trending Crypto Wallet Offers
Sponsored
Disclosure
Opened in 2018
Promotions
Trusted, Secure & Crypto Friendly
Coins
Bitcoin Ethereum Tether Wrapped BNB USD Coin +87
Opened in 2017
Promotions
Receive Up to $10 in BTC when you buy and activate a Tangem Wallet.
Coins
Bitcoin Ethereum Tether Wrapped BNB Solana +68
Show More

Ledger QR Scam Explained

Instances of the Ledger QR scam follow the same basic template.

Targets receive a letter in the mail designed to look like official communication. The document makes up a bogus reason hard wallet users need to visit a website, typically linked via a QR code, which helps obscure the suspicious address.

Several variations on the theme have been observed. One of the first letters that surfaced in April states that “a critical security update requires your immediate attention.”

A month later, Ledger shared an example that said users must “validate” their wallet by scanning the QR code.

Creating a Sense of Urgency

In a bid to unsettle victims, Ledger scam letters attempt to create a sense of urgency.

“Failure to complete this mandatory validation process may result in restricted access to your wallet,” one warns.

Another, which the recipient shared online recently, states: “To avoid any disruption to your Ledger Live access, please scan the QR code.”

Ledger Reminds Customers—Never Share Seed Phrase

Like other phishing schemes that target Ledger users via email, phone call, or malicious web links, the end-goal of physical mail scams is to capture victim’s seed phrases.

These recovery phrases are unique mnemonics that hardware wallets derive from blockchain private keys. Ledger recommends wallet users keep a physical, offline copy of their seed phrase somewhere safe in case their physical device is lost or damaged.

Addressing the threat of scam letters, Ledger stresses that “there is no good reason to type your phrase into a computer.”

“Anyone that has your recovery phrase has full access to any account that has been created using it,” the company warns.

James Morales

James Morales is CCN’s blockchain and crypto policy reporter. He has been working in the news media since 2020, writing about topics such as payments, banking and financial technology. These days, he likes to explore the latest blockchain innovations and the evolving landscape of global crypto regulation.

With an educational background in social anthropology and media studies, James uses his platform as a journalist to explore how new technologies work, why they matter and how they might shape our future.

Related

Survey Icon
Help us improve
1 of 4
Is this your first time here?
What brought you here today?
What are you most interested in?
Would you be interested in:
Thank you icon
Thank you for your feedback!
DMCA.com Protection Status