A threatening email requesting payment in bitcoin or other cryptocurrencies has been circulating in recent days.
The author of this message claims to be aware of how many cryptocurrencies the recipient owns, although he does not provide any information about this as confirmation of this claim.
In fact, the data captured in the data breach on Ledger’s ecommerce site also includes the email addresses of users who have registered with the site, so it is very likely that many of them have cryptocurrencies.
Counting on this high probability, the author of the message, which was sent to many of the email addresses stolen from Ledger, pretends to know not only whether the recipient has a hardware wallet, but also how many cryptocurrencies they have.
The falsity of threatening emails to extort Bitcoin
If in the first case, i.e. the possession of a ledger, he has a high probability of guessing us, in the second case, i.e. the amount of cryptocurrencies possessed, he lies.
However, some particularly suggestible recipients may not realise this, and may therefore feel genuinely threatened.
The scammer not only threatens the recipient to share information about their cryptocurrency holdings with area thieves, but also asks for 0.3 BTC or 10 ETH to specific public addresses as a form of extortion for not publishing this information.
He also gives only 24 hours to make the payment, because he counts on the fact that haste is often bad advice.
He concludes by saying:
“I hope you don’t ruin every little thing for yourself by making the incorrect choice“.
Not only is this a double offence (fraud and extortion), but it is all false. The only information in the scammer’s possession is the email address and the name of the recipient, which was taken from the Ledger site.
It should be noted that Ledger’s hardware wallets are non-custodian, meaning that no one, not even the manufacturer of the device, is able to read the information they contain. In addition, these devices do not share any information online about the amount of cryptocurrency held by their owners, so it is absolutely impossible to track this information if you only have the information stolen from the Ledger site.