With all of the phishing, malware and scam attempts targeting cryptocurrency investors, it’s no surprise that some users are concerned if it is possible to be sent a fake Ledger.
The short answer is yes – it is possible to be sent a fake Ledger. However, the good news is that it isn’t difficult to check if your Ledger is genuine, so you can protect yourself by just taking a few simple steps after you receive your Ledger device.
Before we show you how to check if your Ledger is genuine and explain how fake Ledger scams work, let’s quickly go through the most important things you need to know to protect your crypto.
- Anyone who has your recovery phrase can steal all of the crypto in your wallet.
- Never share your recovery phrase or private key with anyone.
- Ledger will never ask you for your recovery phrase.
- If you are using a hardware wallet, there’s no reason to ever enter your recovery phrase into your computer or mobile device.
If you just follow these simple tips, you will be protected from the vast majority of crypto scams. Now, let’s take a closer look at how to check if your Ledger is genuine.
How to tell if you got a real Ledger?
Ledger does not use authenticity stickers on their packaging – according to the company, such stickers are relatively easy to counterfeit and can provide a false sense of security to users. Instead, each Ledger device holds a secret key that is used to verify its authenticity when you connect with Ledger’s secure server.
To check the authenticity of your Ledger device, you’ll need to do is to install the latest version of the Ledger Live software on your phone on computer. This is the official software from Ledger which will allow you to easily manage your cryptocurrency portfolio and Ledger device, as well as send and receive transactions.
When you’re setting up the Ledger Live app with your Ledger wallet, the app will automatically check if your device is genuine. If you want to check again after the set up, you can go to the “My Ledger” section of the Ledger Live app. This applies regardless of which Ledger model you have.
Buy a Ledger Hardware Wallet
There’s two more things to look out for which apply to every Ledger device.
- The device should ask you to create your own PIN code. If the device already has a PIN code set up when you are using it for the first time, it’s not safe to use.
- The recovery sheets should be blank (they should not have any words filled in already). During setup, your Ledger hardware wallet will generate a recovery phrase which you will then write down on the blank recovery sheet.
However, there are also some things that vary from model to model when you’re trying to determine if your Ledger is authentic. Let’s take a quick look.
Ledger Nano X
When you turn on your Ledger Nano X for the first time, the screen should display a Ledger logo.
The package for a legit Ledger Nano X includes:
- A Ledger Nano X hardware wallet
- A USB Type-C cable
- An envelope that includes two leaflets and 3 blank recovery sheets
- A keychain
- Ledger stickers
Ledger Nano S Plus
The package for a legit Ledger Nano S Plus includes:
- A Ledger Nano S Plus hardware wallet
- A USB A to USB Type-C cable
- An envelope with with three blank recovery sheets
- An envelope with two leaflets and one card
- A keychain
- Ledger stickers
Ledger Nano S
The package for a legit Ledger Nano S includes:
- A Ledger Nano S hardware wallet
- A Micro USB cable
- A “Get started” leaflet
- 3 blank recovery sheets
- A keychain
- A lanyard
If you’re unsure about which Ledger hardware wallet to buy, check out our article which will help you decide if you should buy a Ledger Nano S or S Plus.
Buy your hardware wallet directly from Ledger or authorized resellers
If you are worried about potentially being sent a fake Ledger, we recommend that you order your hardware wallet directly from Ledger or a reseller authorized by Ledger. You can find a list of authorized Ledger resellers on the official Ledger website.
Buy a Ledger Wallet Directly from Ledger
If you purchase your Ledger second hand or from a store that is not a Ledger-authorized reseller, you should reset the device to its factory settings and set it up as a new device by generating new private keys.
If you are not a highly experienced cryptocurrency user, we recommend that you avoid buying Ledger hardware wallets second hand or from stores that aren’t authorized resellers. The fake Ledger scam attempts we have seen so far have been fairly crude and wouldn’t trick experienced users, but could catch newbies off guard.
Fake Ledger scams
Thanks to Ledger’s anti-tampering technologies, it’s extremely difficult to modify a Ledger hardware wallet in a highly convincing way. However, this hasn’t stopped scammers from trying to steal funds from users by sending them Ledger wallets that were tampered with in fairly obvious ways.
For example, users were sent fake Ledger wallets in 2021 that included a flash drive which launched malicious software once it was connected to a computer. This tampering was immediately evident when opening the wallet, as it contained a flash drive that a legitimate Ledger wallet wouldn’t have.
In addition, the contents of the packaging were also tampered with, as they contained instructions that wouldn’t come with a regular Ledger device.
The software stored in the tampered Ledger wallets prompted users to enter their seed phrase, which would then of course be sent directly to the scammers.
If you are an experienced cryptocurrency user, you would immediately know that there is no reason to ever enter your seed phrase into your computer if you’re using a hardware wallet, and you would have easily detected the scam attempt. However, a newbie with not much experience or knowledge about cryptocurrency might have been tricked into entering their seed phrase and losing their crypto.
Most common scams targeting Ledger users
According to Ledger, here are the most common scams targeting Ledger users.
- Ledger impersonators contacting users via phone calls: Typically, scammers will ask users to provide their recovery phrase. It’s important to understand that Ledger will never contact its customers through a phone call.
- Fake Ledger Live apps and websites: These fake apps and websites will ask you to provide your recovery phrase.
- Scam NFTs: Scammers will sometimes send unsolicited NFTs to users’ wallets. These NFTs will typically contain instructions to visit a certain website to claim a “reward”. Do not interact with these NFTs in any way.
- Malicious transactions: Scammers will try to trick users into approving transactions that result in them losing their funds. This is often done through blind-signing. Learn more about blind signing on the official Ledger Academy website.
- Ledger impersonators on social media: On platforms like X and Telegram, scammers will try to impersonate official Ledger accounts and ask users for sensitive information such as recovery phrases.
The most important thing you can do to keep your crypto safe is to never give your recovery phrase to anyone else. If you want to use your recovery phrase to restore access to your crypto, you should do so using your Ledger hardware wallet.
The bottom line
Ledger devices are arguably the best crypto hardware wallets on the market. Due to their popularity, however, Ledger users are often targeted by scammers. Thankfully, it’s very easy to check if your Ledger device is genuine, and a few simple measures such as keeping your recovery phrase secret at all times go a very long way towards keeping your cryptocurrency safe.
If you’re looking to explore more about the security of using a Ledger device, check out our article explaining what you should do if your Ledger is stolen. You might also be interested in the Ledger Recover service, which provides an extra backup if you lose your recovery phrase.
Source: https://coincodex.com/article/48855/is-it-possible-to-be-sent-a-fake-ledger/