Scammers have managed to extract more than 1.15 million XRP (ripple) from inattentive Ledger hardware wallet owners. The scammers used a phishing email, which led the recipients to a fake Ledger website. On this fake website, XRP owners could download a version of Ledger Live that contained malware.
Almost indistinguishable from real
The phising action indicates how well you need to stay alert. The website is virtually indistinguishable from the real thing. Below the letter e you can see a dot, which shows that this is not Ledger’s official website.
According to the xrplorer website, the coins were sent in five transactions to an address on crypto exchange Bittrex, but the exchange itself says it was unable ‘to confiscate the XRP in time’.
Ripple owners are targeted more often
Unfortunately, XRP fans are more often targeted by Crypto Bank scams. For example, an e-mail is circulating that supposedly originates from ‘Team Ripple’. In this mail, the Ripple team seems to be holding an XRP giveaway for Ledger hardware wallet owners. In the registration process you are asked to enter the recovery sentence of your Ledger to join the action. With this recovery sentence the hackers can empty the contents of the entire wallet.
Always check the address
In 2018, the same trick was once done with Binance. Everything resembled Binance’s website perfectly, except for a dot under the letter n in the URL. The website even had an SSL certificate (the green padlock to the left of the link), so many investors thought they were on the real website.
Morality of the story? First see if you trust the sender, and if the story is credible. If it sounds too good to be true, then it usually is. And did you click on a link? Then take a good look at the internet address. Not only whether the name is correct, but also whether you see any crazy characters.