Type of Scam: Phishing or Fake Website Scam
URL of Scam: ledger.com
Wallet Addresses:

rGtqhzEaCCQpjVJtYyb1hWSLVod6uLah81
GA4S4HEWY2JRYOHAAHVJXZ26MDBUGKLTFM4MTN7EHUO6IQLA2SDH6SJT

Calculated Amount Loss: $38,553

Open-Source Intelligence Analysis: Investigative Report on Fraudulent Activities at ledger.com

Current Website:
The referenced URL, purportedly associated with the legitimate site of Ledger (a reputable cryptocurrency hardware wallet provider), is implicated in a scam that has misled individuals into believing they were interacting with Ledger’s official platform, potentially leading to the theft of funds through phishing or fake website interactions.

Domain and Hosting Information:

Registrar: Gandi SAS
Registered On: 1994-09-19
Expires On: 2025-09-18
Updated On: 2024-08-18
Status: clientTransferProhibited
Nameservers:jason.ns.cloudflare.com, jessica.ns.cloudflare.com

Technical Analysis and Legal Action Recommendations:

Domain Registrar: Gandi SASAction Recommended: Obtain detailed registration and ownership information to clarify the legitimacy of the site and determine any discrepancies indicating fraudulent use.
Nameservers: Managed by Cloudflare, Inc.Action Recommended: Secure DNS logs and configurations to trace the domain’s activities and any potential links to fraudulent operations.

Critical Observations:
Given the high-profile nature of Ledger and the long-standing registration of the domain, it is crucial to investigate whether the scam URL is a misleading subsection of the site or a sophisticated phishing attempt exploiting the Ledger brand. The domain’s longstanding history and security settings imply a need for thorough scrutiny to identify any unauthorized or malicious alterations to the site’s content or purpose.

Conclusion:
The situation reported involving ledger.com warrants an immediate and thorough investigation to determine the nature of the scam—whether it be a compromised section of the legitimate site or a well-constructed phishing attempt. Legal actions, including detailed subpoenas for domain registration details and DNS logs, are essential for unraveling the scam’s structure and potentially recovering the victim’s funds. Additionally, enhancing public awareness about verifying website authenticity, particularly for financial transactions, is vital to prevent similar scams

Our OSINT investigation reveals that scammers are fraudulently using the domain http://www.ledger.com, a legitimate website owned by the trusted hardware wallet provider, Ledger, to perpetrate an investment scam. This scam has resulted in a loss of $75,000, involving XRP and XLM cryptocurrencies.

Scam Details
Victims were directed to send funds to the following receiving addresses:

XRP Address: rGtqhzEaCCQpjVJtYyb1hWSLVod6uLah81
XLM Address: GA4S4HEWY2JRYOHAAHVJXZ26MDBUGKLTFM4MTN7EHUO6IQLA2SDH6SJT
These wallet addresses are controlled by scammers who trick investors into transferring funds with the promise of high returns or access to exclusive investment opportunities. Once funds are sent, they become unrecoverable, and communication from the scammers ceases.

Domain Information
While the domain ledger.com is legitimately owned and operated by Ledger, a reputable company based in Ile-de-France, France, with a registration dating back to 1994, the scammers are exploiting its trusted reputation to deceive victims. This misuse of a well-known and secure platform highlights the importance of verifying the authenticity of any communication or investment opportunity linked to trusted brands.

Awareness and Prevention
Be Skeptical of Investment Promises: Legitimate companies like Ledger do not offer investment opportunities or request cryptocurrency transfers to specific wallet addresses. Any such claim is a scam.
Verify Authenticity: Always verify the legitimacy of emails, websites, or social media accounts claiming to represent well-known companies. Only trust communication that originates from official channels.
Use Official Wallets: Never transfer funds to wallet addresses provided by third parties without verifying their legitimacy directly through the company’s official website or customer support.
Report Suspicious Activity: If you encounter scams impersonating legitimate companies, report them to the company and relevant authorities immediately.
If you have additional information about this scam such as other wallet addresses, communication records, or related websites please share it here. Raising awareness about this fraudulent activity is crucial to protect others in the crypto community from falling victim to similar schemes.

Let’s work together to expose these scammers and safeguard the trust and integrity of cryptocurrency platforms.