What Is Crypto Address Poisoning?
Address poisoning, also known as address spoofing, is how scammers and cybercriminals can poison or infiltrate your transaction history through dummy transactions.
It's a relatively new crypto/Web3 scam, and this article explains how it works, its effects and how to avoid it.
What is crypto address poisoning?
Address poisoning is a crypto wallet scamming method where a scammer tries to confuse a crypto trader or wallet owner by sending them small amounts of crypto through a fake wallet address very similar to theirs or someone they usually trade with.
They do this to trick the wallet owner into sending funds to the scammer's address.
It's important to note that while this method is less dangerous than other scams, it can still cause financial losses.
How Crypto Address Poisoning Works
Cryptocurrency address poisoning happens in the following three steps:
Step 1: Address Duplication
Crypto transactions are recorded on a public ledger/record known as the blockchain. This transparency allows anyone to access transaction histories by using a block explorer.
A block explorer is like a search engine for a blockchain. You can use it to find out all kinds of information like block history, crypto transactions, wallet addresses, etc.
Basically, it's a tool that gives you a lot of data about what's happening on the blockchain in real-time, including different addresses associated with different transactions.
Scammers use the Block Explorer to gather wallet addresses, check their transaction history on the blockchain, and create fake wallet addresses, also called 'vanity addresses,’ that closely resemble those of their potential victims.
Because crypto addresses are a long string of letters and numbers that are hard to memorise or remember, they can create (fake) addresses with the same first and last few characters as their potential victims.
Step 2: Address Poisoning
After generating these fake addresses, scammers employ them to send tokens to their potential victims, thus creating a transaction history that closely resembles the victim's own address or that of their usual trading partners.
These tokens (and NFTs) the scammers send are usually of low value and small in amount. Due to their low transaction fees, address poisoning commonly occurs on blockchains such as Binance Smart Chain, Ethereum, and Polygon.
Step 3: Cryptocurrency Rerouting
The final stage of this scam occurs when the wallet owner unknowingly copies the scammer's address and sends crypto to them, believing it to be their own or that of a trusted friend or business partner.
Alternatively, it may occur when the victim unintentionally shares the fake address with someone who intends to send them cryptocurrencies like BTC, USDT, ETH, or other coins.
The Effect of Address Poisoning
Address poisoning has two significant negative effects on victims:
Traders can lose their crypto or other digital assets
Once a trader falls victim to successful address poisoning, they might unknowingly transfer hundreds or even thousands of dollars worth of crypto before realising what's happening. Unfortunately, recovering these funds is nearly impossible, as blockchain transactions are irreversible.
Address poisoning makes crypto traders vulnerable to other scams
Once your address gets poisoned, the scammer can take things further by sending you NFTs linked to destructive malware or phishing sites. Moreover, they can launch dust attacks on your wallet or account to obtain your personal information and subsequently blackmail you.
Address poisoning, phishing and crypto dusting are all branches of the same crypto scammer tree, trying to steal from unsuspecting traders.
How Obiex Can Help You Avoid Address Poisoning
At Obiex, we prioritise your security and provide features that help safeguard your assets:
Save Address Feature
Our mobile and web app allows you to save frequently used addresses. This way, you don't have to rely on copying and pasting addresses every time you trade.
Crypto Sending via Username
Our username feature lets you conveniently send cryptocurrencies to other traders on the Obiex app. This eliminates the need to remember complex addresses and reduces the chances of falling victim to address poisoning.
Extra Tips to Avoid Crypto Address Poisoning
Double and Triple-Check Addresses
Always exercise caution and verify addresses carefully before sending any crypto. Take the time to double and triple-check the receiver’s address to ensure it is accurate.
Test with Small Amounts
To add an extra layer of security, consider sending a small amount of crypto to the receiver’s address as a test to ensure it is correct. Although it may cost additional gas fees, it's a small price to pay compared to the potential losses resulting from sending your crypto to the scammer’s wallet.
To Sum Up
Address poisoning takes advantage of traders' difficulty recalling their full wallet addresses and the human carelessness that sometimes occurs when trading.
This type of scam can happen to anyone. However, a poisoned address can still be used without loss of funds if the owner always double-checks addresses or saves them on apps like Obiex.
Disclaimer: This article was written to provide guidance and understanding. It is not an exhaustive article and should not be taken as financial advice. Obiex will not be held liable for your investment decisions.