Home
News
- 1 Address poisoning attacks rely on the carelessness of the victim to transfer crypto assets to a wrong address.
- 2 Although you cannot prevent the attacker from creating a fake address that looks similar to your public key, you can ensure that you do not send crypto to the address.
What is Address Poisoning Attack in Crypto
Address poisoning is a type of crypto scam where the attacker relies on the carelessness of the crypto investor to mistakenly send crypto to a wrong address. The attacker poisons the transaction history of the investor by sending small amounts of crypto assets from an address that resembles the investor’s own or an address they frequently send crypto to. The intention is for the investor to mistakenly send them crypto by copying their address from the transaction history.
Blockchains with low transaction fees (like Polygon and BNB chain) are more prone to address poisoning. This is because the scammer would not need to spend too much on transaction fees.
How Does Crypto Address Poisoning Work
1). Address duplication
The attacker first creates a public address that is similar to that of the victim they want to attack. This new address is called a vanity address(or a fake address) and is created by copying the first and last few characters of the victim’s public address.
2). Bread-crumbing
After creating a vanity address, the attacker then sends a small amount of a token to the victim’s address. The attacker can send these tokens once or multiple times. By doing this, they poison the transaction history of the receiver. The next time the user goes to their transaction history to copy their address, they will see the vanity address with a similar character to their normal address and mistake it for their own.
Some crypto wallets allow you to hide tokens received from susceptible addresses. This prevents the address from showing up in your transaction history. Also, address poisoning does not compromise your crypto wallet as long as you don’t share your private key with the attacker or interact with the vanity address.
How to Stay Safe From Address Poisoning Attacks
1). Create an address book or contact list
An address book is a feature on some crypto wallets that allows you to make a list of public addresses you frequently interact with. You can also add nicknames to the addresses on the list. This will help you identify them with ease. Some crypto wallets also offer additional security if you want to transfer assets to an address that is not on the list. You can verify this address using a two-step authentication process. You can also set up notifications that alert you when any public address interacts with you. This will help you confirm your usual transactions and flag suspicious addresses.
2). Copy your public key directly from the wallet
Instead of copying your address from the transaction history, copy it directly from the crypto wallet. You can also use the QR code attached to the wallet when in doubt.
Andrew is a blockchain developer who developed his interest in cryptocurrencies while pursuing his post-graduation major in blockchain development. He is a keen observer of details and shares his passion for writing, along with coding. His backend knowledge about blockchain helps him give a unique perspective to his writing skills, and a reliable craft at explaining the concepts such as blockchain programming, languages and token minting. He also frequently shares technical details and performance indicators of ICOs and IDOs.
