Intro: Global-e reported an order-data incident on 2026-01-05. Ledger is warning users to be wary of phishing emails and fake support using order updates, refunds, or logistics anomalies as bait. Official Ledger support will never ask for your recovery phrase or private keys.
Event overview: Some order-related information may have been accessed without authorisation. Attackers may use names, contact details, and order numbers to forge convincing notices, luring users to phishing sites or malicious attachments.
Potential impact: Imposter emails can now include genuine order details, increasing their credibility. If you then enter wallet-related sensitive information on a fake page, assets are at risk.
Official guidance: Verify the sender domain and links go to the official domain; check order status by typing the URL manually or opening the app directly — don't click email buttons; decline any request for recovery phrase, verification codes, or remote assistance.
Self-check points: Watch for typos, odd domains, and urgent tone. For "urgent refund" or "invoice reissue" links, confirm through official channels first before acting.
Safety reminder: We will never ask for your recovery phrase, PIN, verification codes, or private keys. Anyone requesting them is attempting fraud — do not share and do not proceed.
