LEGO removes fake token scam after homepage hack
The LEGO Group’s website was briefly compromised, featuring a scam that promoted a fake ‘LEGO Coin’ token and directed users to a phishing site. The scam was removed within 75 minutes, and LEGO confirmed that no user accounts were affected.
LEGO Group’s website was briefly compromised on 5 October, with a scam promoting a fake ‘LEGO Coin’ token appearing on the homepage. The message encouraged users to purchase the token in exchange for ‘secret rewards’ but redirected them to a phishing site. The scam was removed after about 75 minutes, and LEGO confirmed that no user accounts had been compromised.
LEGO has since assured customers that the issue has been resolved and steps are being taken to prevent future incidents. Despite earlier hints in 2021 about entering the NFT space, LEGO has not officially pursued any crypto-related ventures.
This incident highlights the ongoing threat of cryptocurrency scams, which saw $127 million stolen from victims in the third quarter of 2024, with September alone accounting for $46 million in losses.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.
