What Is Address Poisoning in Crypto?

Address poisoning attack is a crypto scam where attackers generate wallet addresses that closely resemble a victim’s real transaction counterparties. These fake addresses are then sent as small, seemingly harmless transactions to the victim’s wallet, hoping they’ll appear in their transaction history.

Because many users copy and paste wallet addresses from their recent transactions without double-checking, they may mistakenly send funds to the fraudulent address. Since blockchain transactions are irreversible, any funds sent to a poisoned address are permanently lost.

How Address Poisoning Attacks Work

Step 1: Identifying a Target

Attackers monitor the blockchain to find active wallet addresses. Since every attack incurs network fees, scammers focus on frequently used wallets rather than dormant ones.

Step 2: Generating Look-Alike Addresses

Because crypto wallet addresses are long and complex, users often verify only the first and last few characters. Attackers exploit this by creating similar-looking addresses—known as "vanity addresses"—that appear legitimate at a glance.

For example, these two addresses look alike but are completely different:

Step 3: Poisoning the Victim’s Transaction History

Once the attacker has generated a look-alike address, they send a tiny amount of crypto—often just a fraction of a cent—to the victim’s wallet. This small transaction ensures that the fake address appears in the "recent transactions" list of the victim’s wallet.

Step 4: Victim Copies the Poisoned Address

Later, when the victim needs to make a transaction, they often copy and paste an address from their recent history—unknowingly selecting the scammer’s fake address. The funds are sent directly to the attacker, and since blockchain transactions are irreversible, the money is lost.

Why This Scam Works

🚨 Humans rely on shortcuts: Most users don’t memorize full wallet addresses.
🚨 Auto-fill & recent transactions make mistakes easy: Wallets prioritize convenience, unintentionally making poisoning scams more effective.
🚨 Address shortening features increase risk: Some wallets only show the first and last few characters of an address, making spoofed addresses look identical.

Prevent Address Poisoning with Scorechain

Scorechain provides industry-leading address poisoning detection software to help compliance officers and businesses detect, flag, and prevent fraudulent wallet activities.

🔍 Scorechain’s Solution:

✔ Identify suspicious address patterns before transactions are compromised
✔ Monitor transaction histories to detect and flag poisoned addresses
✔ Metamask SafeTransfer, screen transactions in real time
✔ Advanced risk scoring to identify high-risk transactions
✔ Receive real-time alerts on high-risk activity linked to address poisoning

Stay Ahead of Crypto Scams with Scorechain

Don’t wait until it’s too late - protect yourself with cutting-edge compliance solutions.