What are the subjects of the phishing (domains, URLs or IPs)?
https://global-desktopapp.kb.help/en-us/
What are the impersonated domains?
https://www.ledger.com/
https://www.ledger.com/ledger-live
Where or how did you discover this phishing?
I discovered this phishing website while investigating cryptocurrency wallet phishing campaigns targeting Ledger users.
The website impersonates Ledger Live and attempts to trick users into entering their 12/24-word recovery phrase. The phishing page copies the official Ledger branding and interface to steal wallet credentials.
Do you have a screenshot?
Screenshot
Related external source
No response
Additional Information or Context
This phishing page is designed to steal Ledger recovery phrases by impersonating the official Ledger Live website.
The website copies the branding and user interface of Ledger to deceive victims into revealing their wallet recovery phrase, resulting in the theft of cryptocurrency assets.
Please review and blacklist this phishing URL as soon as possible to help protect users.
What are the subjects of the phishing (domains, URLs or IPs)?
https://global-desktopapp.kb.help/en-us/What are the impersonated domains?
https://www.ledger.com/https://www.ledger.com/ledger-liveWhere or how did you discover this phishing?
I discovered this phishing website while investigating cryptocurrency wallet phishing campaigns targeting Ledger users.
The website impersonates Ledger Live and attempts to trick users into entering their 12/24-word recovery phrase. The phishing page copies the official Ledger branding and interface to steal wallet credentials.
Do you have a screenshot?
Screenshot
Related external source
No response
Additional Information or Context
This phishing page is designed to steal Ledger recovery phrases by impersonating the official Ledger Live website.
The website copies the branding and user interface of Ledger to deceive victims into revealing their wallet recovery phrase, resulting in the theft of cryptocurrency assets.
Please review and blacklist this phishing URL as soon as possible to help protect users.