PSA: Warning, scam letters being sent to Ledger users

I have just received a physical mail that's exploiting the leaked Ledger database. I recognised it immediately as a scam as I had provided an incorrect name when I had purchased my Ledger.

The letter itself is very authentic-looking, mentioning that Ledger is supposedly introducing a thing called "Transaction Check" that needs to be enabled on your Ledger device. It provides a QR code which of course goes to a scam URL (ledger.verify-transaction-check.com) which presumably asks you for your seed phrase (I did not click on the link as it likely personally identifies the recipient).

After a bit of investigation, I believe I managed to get Cloudflare to shut it down, as they were using these services to hide the underlying web host. This has hopefully saved some people from being scammed. I'm hoping that since they now can't hide their web host, it will mean no further people will be at risk. For additional measure, I have also reported it to Google Safe Browsing so any browsing to that URL regardless of web-host will be met with a big warning.

It looks like these guys have spent some time and money on this campaign. The letter has a local stamp which seemingly indicates that it's being conducted from within my country.

If anyone gets these sorts of mails, I would highly encourage them to take similar action by reporting these sites either here or directly to the host site (if you are knowledgeable on how to get this information). The quicker this community reacts to this sort of stuff, hopefully these scammers will realise it's not a profitable enterprise anymore.