Blockstream warns hardware wallet users to beware of phishing threats

Blockstream, an infrastructure and hardware wallet provider, has alerted users to new phishing campaigns targeting their Jade hardware wallet users. The company stressed that it will not distribute firmware files via email and ensured that no data was leaked in the attack. Phishing attacks are designed to trick users into leaking sensitive information by mimicking legitimate communications. In this case, the fraudulent email urged users to download the latest firmware version of Blockstream Jade wallet via malicious links. Phishing scams are becoming increasingly rampant, with cryptocurrency users losing more than $12 million in August alone and victims of more than 15,000, an increase of 67% from July, according to anti-scam service Scam Sniffer. As these scams become increasingly complex, cryptocurrency users must remain vigilant and take strong cybersecurity measures to protect their assets and personal information. According to blockchain security firm Hacken, cryptocurrency users lost more than $3.1 billion in the first half of 2025 due to scams and hacking, a significant increase from the previous year. Phishing scams often involve deceptive emails sent by reputable cryptocurrency companies that trick users into leaking their private keys or passwords by warning users of account problems or security breaches. To prevent phishing scams, users should verify the URL address and ensure that they are visiting a legitimate website. Scammers often create URLs that are very similar to real cryptocurrency websites and make some minor modifications, such as replacing letters with numbers. Adding trusted pages to bookmarks, avoiding manual typing of URLs or relying on search engines, can also help prevent becoming victims of scams. Additionally, users should be cautious about clicking links of unknown origin and use a virtual private network (VPN) to hide their IP addresses. And double check for spelling or grammatical errors in emails and websites. These practices can significantly reduce the risk of phishing attacks and enhance online security for encrypted users.