Ledger has issued a warning about a sophisticated physical scam letter campaign targeting its customers. Fraudulent letters are being sent via postal mail, where the scammers are impersonating Ledger communications with its authoritative appearance and identity. The letters claim to contain important information about “Quantum Resistance” security updates and “verification processes” deceptively signed by Ledger’s CTO Charles Guillemet. Also, they contain QR codes that link to phishing sites that will steal your 24-word recovery seed phrase.

The scammer’s modus operandi
The fake urgency of the scam letters (threats to stop customers and freeze money in their accounts) prompts potential victims to act quickly without thinking. After reading the letter, victims will scan a QR code to visit a fake Ledger website. When there, they will have an option to input their Secret Recovery Phrase in order to “validate” their accounts or to “activate” the update. By providing that information, the scammer has total control of the victim’s crypto assets.
This type of campaign looks quite professional and targets very specific audiences. Each recipient of the letter is receiving a different letter according to his/her area; for example, an Italian recipient will receive an “Italian version” of the letter. Data available from Global-e’s breach of Ledger’s e-Commerce Services (January 2026) likely led to the targeting of Ledger’s customers, as the sensitive data is now public and includes the consumer’s shipping address, etc.

Response from Ledger
Ledger has stated that it “virtually never” mails physical letters and will never ask you to share or input your Secret Recovery Phrase through any mail, phone, or online means. Ledger will not ask you to scan a QR code or visit an external website to enter your recovery phrase.
Trezor similar cases
On the other hand, Trezor users have also received similar physical scam letters in different jurisdictions, prompting perform an “authentication check,” and update, with even deadlines to do so, making it seem more urgent. Furthermore, the letters say that, even if the user has already done the update on their own, they still need to perform this step to complete the process.
Recommendations to keep you safe
The world is, sadly, full of scams, anywhere. But if you receive a letter like this, follow some basic steps.
- Do not scan the QR code or visit links from these letters, ever
- Do not enter your Secret Recovery Phrase anywhere online, no matter what
- Disregard any instructions in the letter
- Report this crypto scam to Ledger/Trezor Support and your local police and relevant authorities
Keep in mind that your Secret Recovery Phrase gives access to your assets and should always be kept offline in a safe place.




