Download-Phase Phishing Risks — Bundled Software and Fake Entry Points

The download step is a common phishing attack surface. Fakes come in two flavours: fake entry pages and bundled software hidden in the installer.

Fake entry pages

Sponsored search ads that impersonate ledger.com. These lead to look-alike download pages serving tampered installers.

Bundled software

Non-official installers sometimes bundle extra software that harvests clipboard content or credentials.

Defence

• Only download from ledger.com.
• Verify hash and signature before running the installer.
• Run the Genuine Check inside Ledger Live after install.

Safety reminder: Use only the official Ledger site and Ledger Live. Never type your recovery phrase or PIN into a webpage and never share them with anyone. Pause and verify the moment anything looks unusual.