RECOVER STOLEN CRYPTOCURRENCY WITH NO UPFRONT FEE
+44 161 391 1194
+1 231 500 9786
82 King Street, Manchester, United Kingdom, M2 4WQ
Purchase Essentials

Crypto.com + Ledger Voice Phishing: How Scammers Stole £150,000

-
0
BitRemit BitRemit
Guides
February 16, 2026

What Happened: The £150,000 Voice Phishing Attack

In December 2024, a UK investor lost over £150,000 in a sophisticated voice phishing attack that combined Crypto.com branding with Ledger hardware wallet impersonation. The scam represents an alarming evolution in crypto fraud—moving from simple email phishing to coordinated phone-based social engineering.

The victim received what appeared to be a legitimate call from Crypto.com security, warning of “suspicious activity” on their account. What followed was a masterclass in manipulation.

How the Attack Unfolded

Step 1: The “Security Alert” Call

Scammers spoofed Crypto.com’s official UK phone number. The caller knew the victim’s name, email, and recent transaction history—data likely obtained from a previous data breach or dark web marketplace.

“We’ve detected unauthorized access attempts on your account,” the caller claimed. “Your Ledger device may be compromised. We need to move your assets to a secure wallet immediately.”

Step 2: Creating Urgency and Fear

The attackers used classic social engineering tactics:

  • Time pressure: “You have 30 minutes before hackers drain your wallet”
  • Authority: Claims of being from “Crypto.com Security Division”
  • Familiarity: Referenced the victim’s actual holdings and recent trades
  • Technical jargon: Discussed “seed phrase vulnerabilities” and “Ledger firmware exploits”

Step 3: The Fake “Secure Transfer”

The victim was guided to:

  1. Download a “security verification app” (actually a wallet-draining tool)
  2. Enter their Ledger recovery phrase “to verify ownership”
  3. Transfer funds to a “temporary secure wallet” while their device was “being patched”

Within minutes, £150,000 in Bitcoin and Ethereum was gone—moved through multiple wallets and mixing services before the victim realized what had happened.

Why This Scam Works

Data Breaches Feed Phishing

Crypto.com suffered a data breach in January 2022 affecting 343 users, but that’s just the tip of the iceberg. Users’ data circulates on dark web marketplaces from multiple exchange breaches, affiliate program leaks, and marketing database exposures.

Scammers cross-reference this data with:

  • LinkedIn profiles (to verify crypto holdings and employment)
  • Social media posts about crypto investments
  • Public wallet addresses and transaction histories

Ledger’s Reputation as a Trust Signal

By mentioning Ledger hardware wallets, scammers add credibility. Ledger is synonymous with security in crypto. When victims hear “your Ledger may be compromised,” they’re more likely to panic—they know Ledger is supposed to be safe.

Phone Calls Feel More Legitimate

After years of email phishing awareness, many users have let their guard down for phone calls. A live voice creates urgency and prevents the “pause and think” moment that might save someone from an email scam.

Red Flags to Watch For

Crypto.com (and Any Exchange) Will NEVER:

  • Call you about account security issues—They’ll email or require you to log in to see alerts
  • Ask for your seed phrase or private keys—No legitimate service needs this
  • Ask you to transfer funds to a “secure wallet”—This is always a scam
  • Create artificial time pressure—”Act now or lose everything” is manipulation
  • Have you download apps from outside official stores—Legitimate apps come from App Store/Play Store

Technical Red Flags:

  • Phone number doesn’t match official contact info (even if caller ID shows correctly—spoofing is easy)
  • Wallet addresses that don’t match your known addresses
  • Requests to “verify” your seed phrase
  • Claims of “firmware updates” or “security patches” requiring fund transfers

How to Protect Yourself

The Golden Rule

No legitimate company will ever ask for your seed phrase, private keys, or ask you to transfer funds to “protect” them.

Immediate Actions If Contacted:

  1. Hang up immediately—Don’t engage, don’t explain, just end the call
  2. Verify through official channels—Open the app directly (don’t click links), check for alerts
  3. Contact support yourself—Use the official website or app, never a number provided by a caller
  4. Report the number—Forward to your country’s fraud reporting service

Hardware Wallet Security:

  • Never enter your seed phrase on any device except the hardware wallet screen itself
  • Ledger will never contact you about “security issues” requiring fund transfers
  • If you suspect your Ledger is compromised, buy a new one directly from Ledger—don’t transfer funds to “secure wallets” suggested by callers

What to Do If You’ve Been Scammed

  1. Act immediately: If you still have access to any funds, move them to a new wallet immediately
  2. Report to authorities: UK residents can report to Action Fraud; US residents to IC3.gov
  3. Document everything: Save call logs, phone numbers, and any wallet addresses provided
  4. Report to the exchange: Crypto.com, Ledger, or whichever platform was impersonated
  5. Don’t trust “recovery services”: These are often follow-up scams targeting victims again

The Bigger Picture: Voice Phishing Is Rising

This £150,000 case isn’t isolated. Voice phishing (vishing) attacks targeting crypto holders increased 340% in 2024, according to blockchain analytics firms. Scammers are becoming more sophisticated, using:

  • AI-generated voices that sound like real support agents
  • Spoofed caller IDs matching official numbers
  • Pre-call reconnaissance from social media and data breaches
  • Multi-channel attacks (email followed by phone call to “verify”)

Final Warning

Crypto.com, Ledger, and every legitimate crypto company have one thing in common: they will never call you and ask you to move your money.

The moment someone asks for your seed phrase, private keys, or a fund transfer to “protect” your assets—that’s a scam. Every. Single. Time.

Hang up. Verify through official channels. Protect your stack.

Key Takeaways

  • Crypto.com does NOT make unsolicited security calls asking you to move funds
  • Ledger will NEVER contact you about “compromised devices” requiring transfers
  • Any request for your seed phrase = 100% scam
  • Phone number spoofing makes callers appear legitimate—always verify through official apps/sites
  • Data breaches give scammers the info they need to sound convincing
  • When in doubt: hang up, verify independently, and never share keys
crypto phishing Crypto.com scam Ledger scam voice phishing
Related Posts
Leave a Reply

Your email address will not be published.Required fields are marked *

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by