As the crypto market experiences not-the-most-encouraging period, Ripple CTO David Schwartz has flagged a surge in phishing attempts aimed at users of hardware wallets, with inboxes filling up with messages disguised as firmware upgrades or verification checks.
The bait is always the same, outlines Schwartz: a request to type a seed phrase into a page or form that is not the hardware wallet itself. What happens after the phrase is entered? Yes, the funds are gone.
It is no coincidence that the Ripple CTO caught the increase in such malicious activity. The market is not in a "good mood," and many investors prefer to be in stablecoins, which are usually stored in cold wallets. That is why hardware becomes a point of attraction for bad actors, and the "best" way to scam them is through social engineering, of course.
Phishing remains the single most effective form of attack in crypto, and even large platforms have been dragged under by it.
Coinbase revealed earlier this year that social engineering attempts against its support staff had cost the company an estimated $400 million. Those were not exploits of blockchain code but direct manipulation of people, convincing them to hand over access or to authorize actions that drained balances.
Crypto's "weak point"
Schwartz’s alert lands at a moment when wallet makers are already struggling to keep up with increasingly sophisticated campaigns, where cloned websites, AI-voiced calls and spoofed domains are standard practice.
Hardware wallets are still the last line of defense, but they only hold if the seed phrase never leaves the device. Phishing sidesteps cryptography and exploits trust, which is why Schwartz framed the spike as urgent. The real "weak point" in crypto is not code, it is human error — and the cost of one mistake can be measured in the millions.
Dan Burgin
Vladislav Sopov
U.Today Editorial Team