What are the subjects of the phishing (domains, URLs or IPs)?
https://global-desktopapp.kb.help/en-us/
What are the impersonated domains?
This domain is impersonating Ledger and Ledger Live to conduct cryptocurrency phishing attacks.
The website uses Ledger branding and fake support pages to deceive users into entering their 24-word recovery phrase or other sensitive wallet information. Any victim who submits their recovery phrase risks losing all cryptocurrency assets.
Indicators:
- Impersonates the Ledger brand.
- Fake Ledger Live/support website.
- Attempts to harvest recovery phrases.
- Not affiliated with Ledger.
- Active cryptocurrency phishing.
Please add this domain to the phishing database and block it to protect users.
Target:
https://global-desktopapp.kb.help/en-us/
Where or how did you discover this phishing?
I discovered this phishing website while monitoring suspicious domains targeting cryptocurrency users.
The website impersonates Ledger and Ledger Live by using fake support pages designed to trick users into entering their 24-word recovery phrase. The domain is not affiliated with Ledger and poses a significant risk of cryptocurrency theft.
Screenshots of the phishing page are attached for verification.
Do you have a screenshot?
Screenshot
Related external source
https://github.com/scamsniffer/scam-database/issues/...
Additional Information or Context
This phishing domain is actively impersonating Ledger and poses a direct risk to cryptocurrency users.
The website is designed to steal wallet recovery phrases and other sensitive credentials. Prompt action will help prevent further cryptocurrency theft.
Thank you for reviewing this report.
What are the subjects of the phishing (domains, URLs or IPs)?
https://global-desktopapp.kb.help/en-us/What are the impersonated domains?
This domain is impersonating Ledger and Ledger Live to conduct cryptocurrency phishing attacks.
The website uses Ledger branding and fake support pages to deceive users into entering their 24-word recovery phrase or other sensitive wallet information. Any victim who submits their recovery phrase risks losing all cryptocurrency assets.
Indicators:
Please add this domain to the phishing database and block it to protect users.
Target:
https://global-desktopapp.kb.help/en-us/Where or how did you discover this phishing?
I discovered this phishing website while monitoring suspicious domains targeting cryptocurrency users.
The website impersonates Ledger and Ledger Live by using fake support pages designed to trick users into entering their 24-word recovery phrase. The domain is not affiliated with Ledger and poses a significant risk of cryptocurrency theft.
Screenshots of the phishing page are attached for verification.
Do you have a screenshot?
Screenshot
Related external source
https://github.com/scamsniffer/scam-database/issues/...
Additional Information or Context
This phishing domain is actively impersonating Ledger and poses a direct risk to cryptocurrency users.
The website is designed to steal wallet recovery phrases and other sensitive credentials. Prompt action will help prevent further cryptocurrency theft.
Thank you for reviewing this report.