The word ‘poison’ sets off alarms in the mind of anyone who hears it. Anything can be poisoned, including your crypto address. Absurd as it may sound, there is such a thing as address poisoning in crypto. It’s the latest addition to the scammers’ arsenal for stealing crypto from unsuspecting wallet owners. Let’s break it down.
What is Address Poisoning in Crypto?
Address poisoning, also known as address spoofing, is a new scamming technique where a scammer attempts to confuse a wallet owner by sending them tiny bits of crypto from a fake wallet address that looks very similar to theirs. Then the owner sends funds to the scammer’s address, thinking it’s theirs. This scamming method is not as dangerous as phishing and hacking, but a victim can still lose their funds this way.
It’s imperative that you grasp the how and why of address poisoning, as this will help you:
- Recognise when your address has been poisoned.
- Follow best practices to ensure you don’t fall victim to the scam.
Address poisoning is so named because the perpetrators poison, or contaminate, the transaction history of their victims’ addresses by introducing dummy transactions. It is one of the newest vulnerabilities in Web3, but victims can nip it in the bud if they know how it works.
How Does Address Poisoning Work?
We have divided this scam into three steps or stages. The scam isn’t successful until the third stage. The three stages are:
- Address duplication
- Address poisoning
- Cryptocurrency rerouting
Let’s see how these crypto thieves get their hands on crypto funds.
1. Address Duplication
Firstly, transactions on the blockchain are public because the blockchain is a public ledger. This means anyone who cares to check can see your wallet address in the transaction history using a block explorer.
The scammers run these checks and gather a bunch of wallet addresses. Then they generate fake addresses called ‘vanity addresses’ that look similar to the ones they copied off the blockchain transaction history.
They can do this because crypto addresses are lengthy strings of numbers and letters that are difficult to memorise. So they generate addresses with the same first and last few characters as their intended victims. This is the first step before they go ahead to poison the addresses.
2. Address Poisoning
An address is poisoned when a scammer successfully sends tokens to it, creating a transaction history with a similar-looking address. This is the second step, and it is done to bait careless wallet owners.
Usually, the tokens sent are worthless or of negligible value. Sometimes, it might even be an NFT. The scam has been more prevalent on the Polygon, Binance Smart Chain and even Ethereum blockchains because of the low transaction fees.
3. Crypto Rerouting
The attack is complete if you, as the wallet owner, copy the scammer’s address, and transfer funds to it, thinking it’s yours. It could be by giving the fake address to someone who wants to send you crypto or transferring your funds from a centralised exchange. We have tagged it crypto rerouting because, at this point, if you make any transaction, the tokens are rerouted to the scammer’s address.
Therefore, ensuring you do not complete the scam depends on your eye for detail and carefulness as a crypto wallet owner. But this can happen to even the most meticulous wallet users.
Risks of Address Poisoning
Address poisoning may seem harmless if the wallet holder catches the fake transactions before they mistakenly send crypto to the scammers. But on a closer look, a poisoned wallet address poses a few risks to the wallet owner.
1. Losing All Owned Assets to Malicious Actors.
If a wallet holder falls prey to this attack, they could transfer many of their assets to the scammer before realising the error. At that point, it’s too late because transactions on the blockchain are irreversible.
They can transfer their assets from a centralised exchange to the scammer’s wallet, thinking it’s theirs. They could also reroute any crypto sent from another address to the scammer’s address.
2. Falling victim to other attacks, such as phishing or dusting attacks.
Address poisoning and dusting attacks start similarly but with different intentions. If your address is poisoned, the scammer can exploit the opportunity in various ways. They could send you NFTs with links to phishing sites or malware. They could also carry out a dust attack to uncover your identity and blackmail you into doing whatever they want. Mostly, the end goal of all these crypto attacks is to steal crypto from unsuspecting holders, except in cryptojacking where they want to install malware on your computer to secretly use it for mining purposes.
How Do You Prevent Address Poisoning?
Technically, you cannot prevent a scammer from poisoning your address. However, you can take certain preventive measures to avoid falling victim to the address poisoning scam. Follow these best practices to avoid falling into this scam.
1. Use a Wallet Address Book.
Whether you have noticed a dummy transaction in your transaction history or not, it is wise to use a wallet address book. This contact list provides you with a record of the original addresses you interact with, including yours. Having an address book will eliminate the need to copy/paste addresses from your old transactions.
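The address-book check can also be automated. The sketch below is an added example, not code from any wallet provider: it compares an address against a trusted address book in full and flags the look-alike pattern described under Address Duplication, where only the first and last few characters match. It assumes EVM-style addresses (0x plus 40 hex characters, as used on Ethereum, Polygon and Binance Smart Chain); all addresses, labels and function names are constructed for illustration.

```python
HEX = set("0123456789abcdef")
SHOWN = 4  # assumption: wallets display roughly the first/last 4 characters

def normalize(addr):
    """Lower-case and drop '0x' so checksum casing does not affect comparison."""
    addr = addr.strip().lower()
    return addr[2:] if addr.startswith("0x") else addr

def classify(candidate, address_book):
    """Return (verdict, label): trusted, lookalike, unknown or invalid."""
    cand = normalize(candidate)
    if len(cand) != 40 or not set(cand) <= HEX:
        return ("invalid", None)
    imitated = None
    for label, trusted in address_book.items():
        ref = normalize(trusted)
        if cand == ref:
            return ("trusted", label)  # exact match on all 40 characters
        # Same visible head or tail but a different body: the poisoning pattern.
        if cand[:SHOWN] == ref[:SHOWN] or cand[-SHOWN:] == ref[-SHOWN:]:
            imitated = label
    return ("lookalike", imitated) if imitated else ("unknown", None)

def scan_history(transfers, address_book):
    """List (sender, imitated_label, value) for incoming transfers from look-alikes."""
    hits = []
    for tx in transfers:
        verdict, label = classify(tx["from"], address_book)
        if verdict == "lookalike":
            hits.append((tx["from"], label, tx["value"]))
    return hits

# Constructed sample data (not real addresses).
MY_WALLET = "0xA1b2" + "11" * 16 + "C3d4"
EXCHANGE = "0x5e5e" + "22" * 16 + "7a7a"
LOOKALIKE = "0xa1b2" + "9f" * 16 + "c3d4"  # same head/tail as MY_WALLET
STRANGER = "0x" + "34" * 20
BOOK = {"my-cold-wallet": MY_WALLET, "exchange-deposit": EXCHANGE}
HISTORY = [
    {"from": EXCHANGE, "value": 250},
    {"from": LOOKALIKE, "value": 0},
    {"from": STRANGER, "value": 5},
]

if __name__ == "__main__":
    for sender, label, value in scan_history(HISTORY, BOOK):
        print(f"look-alike of {label}: {sender} (value {value})")
```

A "lookalike" verdict on a destination address means it should be rejected outright; "unknown" means it is simply not in the address book yet and needs to be verified through a separate channel before use.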
2. Use Cold Hardware Wallets
There are two reasons why cold wallets are much safer than hot wallets. The first is that it is difficult for just anyone to access the private keys. The second is that most hardware wallets have address confirmation software embedded in them. For example, the Ledger hardware wallet displays the address on the hardware. Therefore, using cold wallets can help reduce the risk of address poisoning to the barest minimum.
3. Test Your Addresses With Smaller Amounts.
Despite being extra careful by double-checking the addresses before sending funds, it’s still good to test the waters to be extra sure. You can send tiny bits of crypto to the intended address to be sure it’s the right one. The only reason this option is unpopular is because of the extra gas fees for each transaction. However, spending an additional fee is better to ensure your funds land safely in the destination wallet, especially if you suspect that your wallet has been poisoned.
Note📌: If your wallet has been poisoned and you see that the scammer sent an NFT, do not click the link. Some wallets give the option to hide the NFT. Hiding it will help you avoid interacting with it if it contains phishing links.
The rise of this new scam method makes it even more important for crypto holders to be vigilant and to use trusted crypto exchanges and wallet providers. It is especially crucial because some exchanges may not possess the level of security needed to protect your funds from attacks like this. The same goes for wallet providers, and maybe even more so, since your wallet generates and safeguards your private keys.
How To Handle An Address Poisoning Attack
What do you do if you fall victim to address poisoning? What are the steps you take to safeguard your funds if you think your address has been poisoned?
Firstly, remember that anyone can be the victim of an attack, although scammers usually target addresses with heavy transactions in their history. So if your wallet has very few transactions in its history, the chances are slim that the malicious actors will attack your wallet.
What Should You Do If You Suspect a Poisoning Attack?
You can do little if you find a transaction in your history that you didn’t initiate. Take the following steps to protect yourself.
- Double-check your addresses before you confirm any transaction.
- Avoid copying and pasting addresses from your transaction history. Use an address book instead.
- Do not click any links if you find an NFT or token from a suspicious address.
- If your crypto is still in a custodial wallet on a centralised exchange, move it to a non-custodial wallet.
How to Recover From a Poisoning Attack
Let’s say you’ve fallen prey to these malicious actors and have sent them some funds. How do you get out of it? It’s pretty simple. Though it’s a devastating experience, the only thing to do is prevent further attacks. You do that by following the best practices listed previously. You may also do the following.
Contact the customer support of your wallet provider.
Providers like Ledger, MetaMask and Trezor have written about address poisoning. They urge their users to contact Customer Support immediately if they notice any suspicious transaction or have inadvertently rerouted funds to a spoofed address.
Address poisoning is a relatively new scamming technique that targets active wallet owners. It depends on a user’s negligence and carelessness and can happen to anyone. A poisoned address can still be used without the risk of losing funds if the user follows best practices such as double-checking addresses and even using cold hardware wallets.
Remember to report any suspicious transaction on your address and reach out to customer support if you discover that you’ve been scammed.
As far as crypto attacks are concerned, this is the one attack that requires just the carelessness of the holder to be successful. Hence, we advise every crypto holder to be more careful with their wallets and addresses.