- Address poisoning scams involve scammers fooling their victims into sending crypto to addresses that are similar but not the same.
- Only recently, almost 140,000 was lost in ETH and USDT scams by copying wallet history addresses.
- Check complete addresses, and use new addresses and whitelisting trusted parties to remain safe.
Millions of dollars worth of cryptocurrency change hands on a daily basis, but a subversive trick is silently robbing people of their money. Address poisoning deceives users into sending crypto to fake addresses that look similar. This is an emerging menace, as recent attacks have stolen almost $140,000 in Ethereum and USDT.
Scammers Seed Fake Addresses in Your History
To capitalize on this, attackers deposit almost identical wallet addresses with small amounts of transactions, referred to as address poisoning. Victims unknowingly send money to fraudsters when they copy the addresses of the transactions they have made in the past.
Source – X
This is a risky tactic that a recent loss of 80,000 ETH shows. Web3 Antivirus on X (previously Twitter) shows that the victim used a copy-paste lookalike address of recent activity and lost funds immediately.
Source – X
The same trick had happened to another victim earlier, in which he lost $61,900 in USDT. Attackers populate your transaction history with addresses that are just short of identical, and wait until some careless copy-paste. This was emphasised by the Web3 Antivirus asking users to either check the entire wallet address or whitelist familiar contacts.
The bigger picture is alarming. These and thousands of other such scams have cleaned out millions of blockchains over the past few months.
A similar pattern was reflected in one of the incidents in which a staggering amount of 130,000 dollars was lost in a related poisoning scam. This hack detonated following an 880,000-Ethereum theft, demonstrating how thieves are doubling down on wallet trickery.
How These Scams Unfold: A Closer Look
Address poisoning attacks are not blockchain vulnerabilities, but rather a human error. Crypto wallets are long and complex. The users tend to copy truncated addresses that are close enough. This is exploited by attackers, and they send to the victims in fake wallets that closely resemble their real wallets.
The result? Because the victim thinks they are sending it to a trusted acquaintance or themselves, they fall for it. Instead, funds vanish into scammers’ wallets. Web3 Antivirus describes how the victims are trapped by only trusting the start and end of the addresses and not the whole string.
Growing Menace: Lessons from the Field
Security firms report skyrocketing address poisoning attempts. More than 270 million attempts occurred on Ethereum and BNB Chain in the period between the middle of 2022 and the middle of 2024.
Thousands succeeded, leading to over $83 million in losses. The crypto system does not have real-time checks to alert near-match addresses being sent, which makes detection more difficult.
A report published in March 2025 by a crypto security company, Cyvers, noted that the trend is caused by the unverified automated tools. Higher transaction volumes and impatience of the users are risk-enhancing.
Protect Yourself: Vital Security, Simple Habits
Never copy addresses off of transaction histories. Rather, get the whole address right and send the crypto. Where feasible, apply new wallet addresses and whitelist frequently contacted contacts. Multisig wallets and hardware wallets are more protective.
Blockchain forensics can now identify dusting or small fraudulent transfers that poison addresses. Making reports about suspicious activity to wallet providers and authorities may restrain the impact.
MetaMask and Ledger are now advising against disclosure of zero-value transfers of tokens to prevent confusion. Testing with small transactions prevents costly mistakes.
