Address poisoning attacks

Address poisoning attacks

Cryptocurrency scams are not new to the industry, they take various disguises.

To safeguard your crypto assets and refrain from financial losses, it’s beneficial to recognize when and how you’re being targeted to exercise safety measures/steps that make sure you are secure from these cryptocurrency scams.

This article emphasizes address poisoning attacks, and sheds light on how you can safeguard yourself from such attacks.


What is Address Poisoning Attack?

Address poisoning or address spoofing is a deceptive tactic wherein scammers send bits of cryptocurrencies to a wallet owner using a fake address resembling the victim’s. The owner, misled by the resemblance, unknowingly sends funds to the scammer’s address.

This is a ploy to trick you into sending your assets to the scammer’s address.

Interestingly, unlike other types of crypto scams, like phishing attacks, these do not involve sophisticated tech or malware.

They are not limited to any specific wallet. From Bitcoin wallets to multi-chain wallets, anyone can be targeted.


How Do They Work?

Address poisoning attacks follow a simple mechanism with and heavily rely on users’ negligence.

Here is how scammers plan this notorious sting.

How Does Address Poisoning Attack Work


Step 1: Pick the Target

Blockchains being transparent and public in nature allows everyone to have access to the transactions carried out by wallet addresses, and scammers keep an eye on the addresses that frequently make transactions or addresses that hold a lot of crypto assets.

Step 2: Generate Fake Addresses

Crypto wallet addresses being a combination of alphanumerics that are as long as 64 characters in length are very difficult to memorize. Often, while making transactions, users only cross-check the first and last four digits of the wallet address.

Scammers, being well aware of this behavior, generate a crypto wallet address using tools like Vanity ETH whose alphanumeric string closely resembles your or your friends wallet addresses.

Eg. Your friends address → 0x11…………73BF | Fake address → 0xb1…………73bF

Fake address example

Step 3: Address Poisoning

Once the scammer has set up a near-identical wallet address, they plot the trap and send a near-zero amount of cryptocurrency to the target address. This leaves your transaction history “poisoned”.

Now your wallet’s transaction history is full of the scammer’s identical wallet address.

Post poisoning, the scammers now wait for you to make a transaction to your friend’s address. They hope that you unknowingly copy and paste the scammers address from the transaction history.

Step 4: Trap the Victim

Users’ negligence to check all the characters before making the transaction enables the scam’s success.

If, due to negligence, a user sends his/her funds out to the phony address, it would be too late to recover the funds by the time they realize their mistake.


Useful links


Examples of Address Poisoning Attacks:

Scenario 1 – Address Poisoning Attack Targeting the Average Joe

Peter, a cryptocurrency enthusiast living in the neighborhood is a long-term trader and has a substantial amount of funds lying in his wallet and regularly sends crypto to his good friend John with wallet address (0x1223…..0987).

Scammers keep a close eye on Peter’s transaction activities through a blockchain explorer.

They then use tools like vanity-eth.tk to create a fake address (0x1233…..0987) showing similarity to John’s address.

Having set up a similar address the scammer then sends bits of cryptocurrencies to Peter’s address filling up his transaction history with the fake address, causing address poisoning.

Peter is oblivious to this and sends crypto to John as per usual — just copy-pasting from what he thought was John’s address from a previous transaction.

Peter realizes that he has been scammed when John tells him he never got his money.

In this scenario, the scammers win due to Peter’s negligence.

Scenario 2 – Address Poisoning Attack via Fake Smart Contracts

Mark, an active trader, is well known for making money via cryptocurrency arbitrage, Mark actively transfers funds between multiple cryptocurrency exchanges to get the best deals.

Keeping note of Mark’s daily activities, scammers target Mark and his wallet address following which scammers employ a fake token contract and send bits of the phony token to the victim. The fake tokens are always a counterfeit of popular cryptocurrencies like USDT or USDC.

The scammer then executes a transaction utilizing the “transferFrom” function of this fake token contract, making it seem as if the target’s address is transferring 0 tokens to the recipient (the scammer’s address).

This tactic is employed in the hope that the target will duplicate the most recent recipient’s address, under the false belief that they have previously engaged in a transaction with this address.

Mark, being lazy to scan his wallet address each time while arbitrage trading, copy/pastes the scammers address mistaking that for his address from the previously made transaction.

In this scenario, mask loses his funds.


Result of address poisoning attacks

Address poisoning attacks may result in the following:

  • Severe financial loss as a result of user negligence.
  • Severe damage to trust and security in the cryptocurrency ecosystem, undermining confidence in blockchain technology.
  • Victims may face emotional distress and a loss of faith in the crypto community.

Address poisoning attacks highlight the need for vigilance and security measures to protect the global blockchain industry against such scams.


Safeguard Yourself From Address Poisoning Attacks

Address poisoning attacks could result in hefty financial losses. Follow these methods in order to safeguard yourself from these blockchain attacks.

Cross-check your wallet address

Make sure to cross-check the ‘complete’ wallet address (alphanumeric strings) before proceeding with your transactions.

Avoid copying/pasting addresses

Refrain from copying/pasting wallet addresses from the transaction history as they may have been poisoned with fake/phony addresses. Instead, manually enter it or ask the other party for their address each time.

Use NFT domains

Use NFT domain names like those from ENS or Unstoppable domains. They are easy to read, memorize, and triple-check.

Choose reputed wallets

When managing cryptocurrencies, always make sure to choose the best cryptocurrency wallets such as Paybis.

Paybis is a non-custodial cryptocurrency wallet that provides you with a safe and intuitive cryptocurrency storage/trade experience.

Make test transactions

Always be sure to make a test transaction with a smaller amount of token/crypto just to make sure you have sent the amounts to the right crypto address.

Address books/contacts

Crypto wallets such as MetaMask and Trust Wallet allow you to store wallet addresses similar to how you store contact numbers on your smartphone.

This would prevent you from copy/pasting addresses and make sure you are sending funds to the right wallet address.



Address poisoning attacks manifest the darker side of the cryptocurrency realm. They showcase how a blend of technological manipulation and human negligence can lead to substantial financial losses.

As the crypto-sphere continues to expand, the ingenuity of scammers evolves in parallel, making it vital for individuals and communities to foster a culture of vigilance and education.

At Paybis, we strive to keep you updated with the best practices to stay safe and navigate the digital assets space responsibly. Read more from our blog and get a step closer to becoming a crypto expert.


Frequently Asked Questions (FAQs)

What are crypto wallet addresses?

Cryptocurrency wallet addresses are unique alphanumeric codes used for sending and receiving cryptocurrencies/nfts and other forms of digital assets, serving as a user’s transaction destination.

What does it mean to poison an address?

Poisoning an address in cryptocurrency refers to a deceptive tactic where scammers send small amounts of crypto to a victim’s wallet from a fake address resembling a legitimate one, tricking the victim into sending assets to the scammer’s address.

What are some reliable cryptocurrency wallets to use?

Reputable wallets like Paybis Wallet, MetaMask, and Trust Wallet are recommended for a safer and more intuitive cryptocurrency management experience, each offering various features to enhance transaction security and user convenience.

What is the common cause of address poisoning?

The common cause of address poisoning is malicious intent by scammers to deceive cryptocurrency holders. They exploit the transparency of blockchain and users’ negligence in verifying complete wallet addresses, using fake addresses to trick users into sending their assets to the wrong destination, thus facilitating theft.

Disclaimer: Don’t invest unless you’re prepared to lose all the money you invest. This is a high‑risk investment and you should not expect to be protected if something goes wrong. Take 2 mins to learn more at: https://go.payb.is/FCA-Info