A New Kind of Crypto Theft

Address poisoning is an increasingly common attack where scammers send tiny transactions from wallet addresses that closely resemble addresses you regularly interact with. When you later copy an address from your transaction history, you might accidentally copy the scammer's lookalike address instead — sending your funds directly to the attacker.

How the Attack Works

Wallet addresses are long hexadecimal strings that most people only verify by checking the first and last few characters. Scammers generate "vanity addresses" that match these characters while having different middle portions. They then send dust transactions (fractions of a cent) to your wallet, polluting your transaction history with their lookalike addresses.

Why It's So Effective

Most wallet interfaces truncate addresses, showing only the first 6 and last 4 characters. If a scammer generates an address matching these visible portions, the poisoned address looks identical to your legitimate counterparty in your wallet's transaction list. One victim lost 68 million USD in wrapped Bitcoin after copying a poisoned address.

Prevention Strategies

• Never copy addresses from transaction history — always use your address book or copy from the source directly
• Verify the FULL address — check every character, not just the first and last few
• Use address book features — save verified addresses and always send from saved contacts
• Send test transactions — for large transfers, send a small amount first and verify receipt
• Use ENS/name services — human-readable names eliminate the risk of address confusion

Wallet Developer Responsibility

Wallet developers are implementing defenses: flagging dust transactions, highlighting address differences, requiring full address verification for large transfers, and filtering suspected poisoning attempts. Update your wallet software regularly to benefit from these protections.