Skip to content

Phishing | global-desktopapp.kb.help #2168

Description

@abaev020-svg

What are the subjects of the phishing (domains, URLs or IPs)?

https://global-desktopapp.kb.help/en-us/

What are the impersonated domains?

  • https://www.ledger.com/
  • https://www.ledger.com/ledger-live

Where or how did you discover this phishing?

I discovered this phishing website while investigating cryptocurrency wallet phishing campaigns targeting Ledger users.

The website impersonates Ledger Live and attempts to trick users into entering their 12/24-word recovery phrase. The phishing page copies the official Ledger branding and interface to steal wallet credentials.

Do you have a screenshot?

Image Image
Screenshot

Related external source

No response

Additional Information or Context

This phishing page is designed to steal Ledger recovery phrases by impersonating the official Ledger Live website.

The website copies the branding and user interface of Ledger to deceive victims into revealing their wallet recovery phrase, resulting in the theft of cryptocurrency assets.

Please review and blacklist this phishing URL as soon as possible to help protect users.

Metadata

Metadata

Labels

phishing-reportA Phishing report that has to be verified.

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
🆕 New

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions