A few weeks ago, an Etherscan user named Nima shared an unpleasant experience. After completing just two stablecoin transfers, he received more than 89 address monitoring alert emails in a short time.
Those alerts were actively triggered by attackers.
What Is Address Poisoning Attack
- Monitor on-chain transactions and find your recent transfers
- Automatically generate a fake address whose beginning and end look exactly like an address you’ve interacted with
- Immediately send a very small amount to you so that this fake address appears in your transaction history
The next time you open your history, you see two addresses that look almost identical. If you’re not careful, you copy the fake one.
As Ethereum transaction fees have dropped, these attacks have become cheaper and more frequent.
After the upgrade, dust transfers (suspicious small transactions under $0.01) for USDT alone grew by 612%.
The attacker’s logic is simple: even if the success rate is only 0.01%, as long as they send enough, someone will take the bait.
How to Prevent
- Always verify the full address before sending funds—don’t rely only on the first and last few characters.
- Save frequently used addresses in your wallet’s address book.
- Don’t copy unfamiliar addresses directly from chat history or transaction history.
- Check whether the destination address has any risk records before you transfer.
Before you send, take a moment to verify. A quick check can prevent costly mistakes.