In any such unsolicited e-mail, ensure you take a look at the sender’s address. An essential hint in any phishing e-mail is a minor misspelling of a genuine address or URL. For example, with the Ledger phishing fraud, the e-mail was from a “legder.com” URL, which is misspelled. An enemy will attempt to make the inbound e-mail appear as genuine as possible, so constantly double-check. Another idea is to hover over any link to see where it is leading.
Source due to the fact that bitcoin.org is highlighted with a link does not imply it in fact goes to bitcoin.org.(*)