Phishing

How It Works

Phishing attacks in Bitcoin take many forms. The most common involve emails or messages that appear to come from hardware wallet companies, exchanges, or wallet software providers. These messages typically create urgency — claiming your account has been compromised, your device needs a firmware update, or your funds are at risk — and direct you to a convincing fake website that captures your credentials or seed phrase.

Spear phishing targets specific individuals using personal information gathered from data breaches, social media, or blockchain analysis. If an attacker knows you hold bitcoin (through forum posts, social media, or leaked exchange data like the 2020 Ledger breach), they can craft highly convincing personalized attacks. This is why operational security and minimizing your public Bitcoin footprint matter.

The defense is simple but requires discipline: never enter your seed phrase anywhere except your hardware wallet device itself. Never click links in emails claiming to be from wallet manufacturers. Bookmark official sites and navigate directly. Verify software downloads using PGP signatures. If something feels urgent or too good to be true, it is almost certainly an attack. Slow down and verify through independent channels.

Key Points

• No legitimate company, wallet, or service will ever ask for your seed phrase — this is always a scam
• Bookmark official websites and never follow email links to wallet or exchange login pages
• The 2020 Ledger customer data breach led to years of targeted phishing against hardware wallet users
• Verify software downloads with PGP signatures before installation
• Treat any message creating urgency about your Bitcoin as suspicious until independently verified