TLDR
- Phishing scams are targeting hardware wallets with fake update messages.
- Users are being tricked into entering seed phrases on fake websites.
- Ripple CTO says the main crypto risk is human error, not tech flaws.
- Cold wallet users are high-value targets during unstable market periods.
As the crypto market faces ongoing pressure, Ripple CTO David Schwartz has issued a warning to hardware wallet users. He pointed out a spike in phishing attacks that trick users into entering their seed phrases outside of the hardware device. These scams, disguised as routine security checks or updates, are leading to direct theft of funds — exposing what Schwartz calls the real weak point in crypto: human error.
Phishing Attacks Targeting Hardware Wallets
Ripple’s Chief Technology Officer, David Schwartz, recently flagged a rising number of phishing scams directed at hardware wallet holders. These scams often take the form of emails or text messages asking users to update their firmware or verify account details. The message usually includes a link to a fake site that mimics the look of legitimate hardware wallet providers.
Once users follow the link, they are prompted to enter their seed phrase. This phrase, which gives full access to a crypto wallet, should never be shared or entered anywhere except the device itself. However, once the seed phrase is typed into a fake site, the attacker can access and transfer all funds out of the wallet.
Cold Wallet Popularity Brings New Threats
Due to ongoing market uncertainty, many crypto holders have moved funds into stablecoins stored in cold wallets. This has made hardware wallets more attractive targets for cybercriminals. Cold wallets are not connected to the internet, which makes them safer by design, but only if their private keys are never exposed.
Schwartz warned that the growing number of phishing attempts is not random. He noted, “The bait is always the same — a request to type a seed phrase into a form that isn’t the hardware wallet itself. What happens next is also always the same — the funds are gone.” This consistency shows that the attacks rely more on user mistakes than on any technical failure.
Social Engineering Still Crypto’s Largest Threat
Phishing, a form of social engineering, remains the most used tactic by bad actors in the crypto space. These attacks focus on manipulating users into giving up sensitive information, rather than exploiting bugs in the underlying technology. Even large crypto firms have been affected.
Earlier this year, Coinbase disclosed that phishing attempts against its support team had led to estimated losses of $400 million. In these cases, attackers used methods such as fake calls, spoofed websites, and emails to gain access to internal systems. These incidents show how even experienced personnel can fall for scams that are designed to look convincing.
Hardware Wallets Only Work if Properly Used
Despite the risks, hardware wallets continue to be one of the safest options for storing crypto — but only when used correctly. Schwartz emphasized that seed phrases should never leave the device. Once exposed, the wallet is no longer secure, regardless of how advanced the hardware may be.
The problem is not with the cryptographic systems that protect the wallets but with the trust users place in fake messages. Scammers copy branding, logos, and even domain names to trick people into giving up their security keys. The method works because it doesn’t need to break the technology — it only needs to trick the person using it.
Stay Ahead of the Market with Benzinga Pro!
Want to trade like a pro? Benzinga Pro gives you the edge you need in today's fast-paced markets. Get real-time news, exclusive insights, and powerful tools trusted by professional traders:
- Breaking market-moving stories before they hit mainstream media
- Live audio squawk for hands-free market updates
- Advanced stock scanner to spot promising trades
- Expert trade ideas and on-demand support
