Aug 20, 2025
20 August 2025 Owners of Ledger hardware wallets are being urged to verify their devices using only Ledger’s official Hardware Vault after a recent uptick in phishing attempts targeting crypto holders via letters, texts and emails.
Ledger Users Urged to run Official Diagnostic Check amid surge in phishing scams
With reports of scam phone calls, spoofed emails, and look-alike websites on the rise, hardware-wallet owners are being urged to run an official diagnostic check to confirm their device integrity and firmware status. The goal is simple: catch any sign of tampering, corruption, or unsafe connections before criminals can exploit them.
In recent weeks, users have flagged an uptick in “urgent security” messages, fake support calls, and QR-code letters pushing them to click unknown links. According to official guidance from the wallet vendor, the safest response is not to interact with unsolicited prompts, but instead to open the company’s official app and run a built-in diagnostic to verify authenticity, firmware integrity, and connection hygiene.
Why this matters right now
Scam calls are impersonating support agents to coerce “security checks.”
Dodgy emails/SMS link to imitation pages that attempt to trigger unsafe actions.
Look-alike domains and QR codes can quietly route you to malicious firmware prompts.
A 60-second official diagnostic can confirm whether your device and firmware pass integrity checks.
Do this now (official, safe steps)
Open the official Ledger Hardware Vault on your computer/phone.
Have your device is close proximity and run the device "Diagnostic Check." Follow the on-screen steps to verify device authenticity and firmware integrity.
Update only inside the official app. If an update is available, complete it there.
Audit connections. Review and remove any unnecessary API connections or third-party permissions you’ve granted.
Harden your setup. Use a strong PIN, keep your OS up to date, and enable available security features in the official app.
Report suspicious contact. Forward scam calls/emails/texts to official support and your local cybercrime authority.
Red flags: hang up, delete, close the tab
Anyone urging a “mandatory validation” on a countdown timer.
QR codes in letters/flyers claiming to run a “diagnostic” or “vault check.”
Misspelled or hyphenated domains that imitate the brand.
Social DMs or phone calls steering you to non-official pages.
If you interacted with something suspicious
Disconnect your device from your computer/phone.
Run the official diagnostic again via the official Ledger Hardware Vault to confirm integrity and check for updates.
Review and revoke third-party approvals/permissions you don’t recognise.
Notify support and file a report with your local cybercrime authority.
Disclaimer. Cointelegraph does not endorse any content or product on this page. While we aim at providing you with all important information that we could obtain in this sponsored article, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor can this article be considered as investment advice.
