Address poisoning in crypto is a scam where a thief tries to trick a crypto wallet owner into sending funds to the scammer’s address.
It is rooted in a similarly-themed attack over local area networks (LAN), known as address resolution protocol poisoning.
In this article, we will focus on address poisoning in relation to cryptocurrencies.
How Does Address Poisoning in Crypto Work?
Address poisoning scammers look to take advantage of the carelessness and haste of some crypto wallet owners. Here is how it works:
- Target identification
Crypto blockchains are public and transparent in nature. The transactions carried out by a wallet address are visible to everyone.
An address-poisoning scammer looks for wallet addresses that interact regularly with each other. It could be friends or family members sending cryptocurrencies and NFTs to each other.
- Address generation
Let’s assume that you and your friend Ryan regularly send tokens to each other. The scammer has identified the pair of you as their target.
The scammer will use a vanity address generator to create a wallet address that closely resembles your or Ryan’s wallet address.
Crypto wallet addresses can be as long as 42 alphanumeric characters, which makes them difficult to remember. Most crypto wallet users have fallen into the short-cut trap of checking the first and last four characters.
The address-poisoning scammer looks to exploit this habit. The scammer will aim to generate a fake address with the same first and last four characters as the victim’s wallet address.
- Address poisoning
Now that the fake address is ready, the scammer will send a small amount of crypto or NFTs (or even a $0 token transaction) to the victim’s wallet address.
The victim’s transaction history has now been “poisoned.” The deceitful transaction will appear on the victim’s wallet transaction history.
The scammer hopes you or Ryan will copy-paste the scam address from the transaction history and send funds to the scam address instead of the legitimate one.
- The Sting
By the time the victim realizes their mistake, it will be too late to recover the lost cryptocurrencies.
A new scam called 'Address Poisoning' is on the rise. Here's how it works: after you send a normal transaction, the scammer sends a $0 token txn, 'poisoning' the txn history. (1/3)
— MetaMask Support (@MetaMaskSupport) January 11, 2023
Address Poisoning: How to Protect Yourself?
Here are some steps to avoid becoming a victim of address poisoning attacks:
- Double-check addresses
Following this first step will nip the address poisoning scam in its bud. Checking every single character of the wallet address before sending cryptocurrencies from your wallet is the most effective way to avoid becoming a victim of address poisoning.
- Avoid copying addresses from transaction history, and save regular contacts.
Never copy wallet addresses from transaction history when sending funds.
When sending cryptocurrencies from centralized exchanges like Binance and Coinbase, you can save verified wallet addresses and assign nicknames to the address. This prevents you from having to copy-paste a wallet address whenever you send funds to your personal wallet or your family and friends.
When using self-custodial wallets like MetaMask and Coinbase Wallet, you can scan the QR code of the recipient’s wallets to ensure that the funds go to the right person. Make sure that you use highly-rated and secure crypto wallets in order to avoid this scam.
You can also add your frequently used addresses to your wallet address book on MetaMask.
Lastly, using Ethereum Name Service (ENS) usernames can secure and simplify sending and receiving cryptocurrencies from one wallet to another.
- Test transactions
To be fully safe and secure about your transaction, you can conduct a test transaction by sending a small amount of crypto to the receiver’s address.
This method is helpful when the transaction value is high. However, the sender will have to pay gas fees for two transactions instead of one.
- Hiding unwanted cryptocurrencies and NFTs
Self-custodial wallet user may have noticed random cryptocurrencies and NFTs being sent to their addresses by unknown entities. You should ‘hide’ these unwanted tokens in your wallet. Most wallets have this feature.
Hardware wallet maker Ledger recommends users not transfer or send these unwanted tokens to another account or to burn addresses. Any interaction with these suspicious tokens may trigger a potentially malicious smart contract.
The Bottom Line
On a positive note, address poisoning in crypto is a scam that users can easily protect against. Users need to be aware of the strategies that address poisoning scammers use so that they can protect themselves.
However, the human nature of carelessness and haste can cause us to become absent-minded and fall for such scams.
Anyone can be a victim, even regulators. In 2023, the US Drug Enforcement Administration (DEA) fell for an address poisoning scam and lost $55,000 worth of stablecoin tether (USDT).
Before we end this article, we want to remind crypto wallet users that attackers cannot access their wallets and funds without the secret recovery phrase.
Therefore, it is imperative to protect your wallet’s secret recovery phrase and never disclose its contents to anyone.