In any such unsolicited email, make sure you look at the sender’s address. A key clue in any phishing email is a slight misspelling of a real address or URL. For example, with the Ledger phishing scam, the email was from a “legder.com” URL, which is misspelled. An attacker will try to make the incoming email seem as real as possible, so always double-check. Another tip is to hover over any link to see where it is leading. Just because bitcoin.org is highlighted with a link does not mean it actually goes to bitcoin.org, for example.