What Is Crypto Address Poisoning?

What Is Crypto Address Poisoning?

Address poisoning, also known as address spoofing, is a way scammers and cybercriminals can poison or infiltrate your transaction history through dummy transactions. It's a relatively new crypto/Web3 scam, and this article explains how it works, its effects and how to avoid it.

What is crypto address poisoning?

Address poisoning is a crypto wallet scamming method where a scammer tries to confuse a crypto trader or wallet owner by sending them small amounts of crypto through a fake wallet address very similar to theirs or someone they usually trade with. They do this to trick the wallet owner into sending funds to the scammer's address.

It's important to note that while this method is less dangerous than other scams, it can still lead to financial losses.

How Crypto Address Poisoning Works

Cryptocurrency address poisoning happens in the following three steps:

Step 1: Address Duplication

Crypto transactions are recorded on a public ledger/record known as the blockchain. This transparency allows anyone to access transaction histories by using a block explorer.  

A block explorer is like a search engine for a blockchain. You can use it to find out all kinds of information like block history, crypto transactions, wallet addresses, etc. Basically, it's a tool that gives you a lot of data about what's happening on the blockchain in real-time, including different addresses associated with different transactions.

Scammers use the Block Explorer to gather wallet addresses, check their transaction history on the blockchain, and create fake wallet addresses, also called 'vanity addresses’, closely resembling those of their potential victims.

Because crypto addresses are a long string of letters and numbers that are hard to memorise or remember, they can create (fake) addresses with the same first and last few characters as their potential victims.

Step 2: Address Poisoning

After generating these fake addresses, scammers employ them to send tokens to their potential victims, thus creating a transaction history that closely resembles the victim's own address or that of their usual trading partners.

These tokens (and NFTs) the scammers send are usually of low value and small in amount. Due to their low transaction fees, address poisoning commonly occurs on blockchains such as Binance Smart Chain, Ethereum, and Polygon.

Step 3: Cryptocurrency Rerouting

The final stage of this scam occurs when the wallet owner unknowingly copies the scammer's address and sends crypto to them, believing it to be their own or that of a trusted friend or business partner.

Alternatively, it may occur when the victim unintentionally shares the fake address with someone who intends to send them cryptocurrencies like BTC, USDT, ETH, or other coins.

The Effect of Address Poisoning

Address poisoning has two significant negative effects on victims:

Traders can lose their crypto or other digital assets

Once a trader falls victim to successful address poisoning, they might unknowingly transfer hundreds or even thousands of dollars worth of crypto before realising what's happening.  Unfortunately, recovering these funds is nearly impossible, as blockchain transactions are irreversible.

Man loses $120,000 worth of crypto
In 2021, crypto hackers stole US$3.2 billion (A$4.48 billion) worth of cryptocurrency, according to Chainalysis. This was five times more than was stolen in 2020.

Address poisoning makes crypto traders vulnerable to other scams

Once your address gets poisoned, the scammer can take things further by sending you NFTs linked to destructive malware or phishing sites. Moreover, they can launch dust attacks on your wallet or account to obtain your personal information and subsequently blackmail you.

Address poisoning, phishing and crypto dusting are all branches of the same crypto scammer tree, trying to steal from unsuspecting traders.

How Obiex Can Help You Avoid Address Poisoning

At Obiex, we prioritise your security and provide features that help safeguard your assets:

Save Address Feature

Our mobile and web app allows you to save frequently used addresses. This way, you don't have to rely on copying and pasting addresses every time you trade.

What’s New on Obiex? Save Wallet Addresses
In 2022, Obiex promised to bring new and improved features to its platform, and we are pleased to announce the first one on our list - The Save Wallet Addresses Feature.

Crypto Sending via Username

Our username feature lets you conveniently send cryptocurrencies to other traders on the Obiex app. This eliminates the need to remember complex addresses and reduces the chances of falling victim to address poisoning.

How to send Crypto assets to another Obiexer with their username. | Obiex Finance Help Center
This article explains how to send cryptocurrency from your Obiex Wallet to another Obiex user using their cool usernames.

Extra Tips to Avoid Crypto Address Poisoning

Double and Triple-Check Addresses

Always exercise caution and verify addresses carefully before sending any crypto. Take the time to double and triple-check the receiver’s address to ensure it is accurate.

Test with Small Amounts

To add an extra layer of security, consider sending a small amount of crypto to the receiver’s address as a test to ensure it is correct. Although it may cost additional gas fees, it's a small price to pay compared to the potential losses resulting from sending your crypto to the scammer’s wallet.

How Obiex Secures Your Account and Assets
Here are five ways we ensure the safety of your funds and information on Obiex.

To Sum Up

Address poisoning takes advantage of how difficult it is for traders to recall their full wallet address and the human carelessness that sometimes happens when trading.  This type of scam can happen to everyone. However, a poisoned address can still be used without loss of funds if the owner always double-checks addresses or saves their addresses on apps like Obiex.