Hackers Send Physical Phishing Letters Impersonating Trezor and Ledger to Trick Users

Hackers are sending fake letters to customers of Trezor and Ledger, the cryptocurrency wallet security firms, impersonating the two companies. The letters purportedly include the signatures of senior company executives, along with a QR code. This QR code allegedly takes users to a “scam website”, where customers are duped into sharing their account recovery phrases, which the bad actors are using to gain access to the cryptocurrency wallets.