Address Poisoning
Address poisoning is a scam where attackers create lookalike addresses to trick users into sending funds to the wrong address, often mimicking a legitimate one.
What Is a Address Poisoning?
A Address Poisoning is a type of scam in which attackers create lookalike cryptocurrency addresses that closely resemble legitimate ones. The goal is to deceive users into sending funds to the wrong address. This can occur when malicious actors mimic the format or characters of an address that is commonly used by a trusted entity, making it appear authentic.
The scam works by creating a vanity address, which is a customized address that may look similar to a known, trusted address. Attackers might use small variations in the address—such as changing a single character or adding extra characters—to make it seem familiar to a victim. When a user attempts to send cryptocurrency to a trusted address, they may unknowingly send it to the scam address instead.
Address poisoning is significant in the world of cryptocurrency and blockchain because it exploits the difficulty of verifying addresses manually. With transactions being irreversible and the lack of central authority to mediate disputes, once funds are sent to the wrong address, they are often lost permanently. This makes it especially dangerous for users who may not check addresses carefully or use secure methods to confirm the recipient.
Key characteristics of address poisoning include the use of vanity addresses and the creation of lookalike addresses. In some cases, attackers may even target specific individuals or organizations by creating addresses that resemble those of popular wallets or exchanges. The scam typically relies on the victim's assumption that they are sending funds to the right place, making it particularly dangerous in a world where cryptocurrencies are difficult to recover once lost.
Cryptocurrency is a digital or virtual currency secured by cryptography, operating on decentralized blockchain networks to enable secure, peer-to-peer transactions.
Read full definitionReal-World Examples
Example 1: When setting up a Ledger hardware wallet, you may accidentally send funds to an address that looks almost identical to the one provided by the device's official software. The malicious actor behind this Address Poisoning scam has created a vanity address that closely mimics the legitimate address, tricking you into transferring cryptocurrency to their wallet.
Example 2: A user receives a phishing email claiming to be from a popular cryptocurrency exchange, instructing them to send funds to a 'new' address for a security upgrade. The address in the email is a lookalike of the exchange's actual address, and the user unknowingly sends their funds to the scammer's wallet instead of the trusted exchange.
Example 3: During a token airdrop, a scammer creates an address that is almost identical to the legitimate project’s token distribution address. Users looking to claim the tokens mistakenly send their funds to the fraudulent address, losing their cryptocurrency permanently.
Example 4: A crypto influencer posts a wallet address on social media for donations. A scammer creates a similar address by changing a single character, hoping that fans who trust the influencer will send their donations to the wrong address.
Ledger is a brand of hardware wallets that securely store cryptocurrency private keys offline, such as the Ledger Nano series.
Read full definitionCryptocurrency is a digital or virtual currency secured by cryptography, operating on decentralized blockchain networks to enable secure, peer-to-peer transactions.
Read full definitionIn cryptocurrency, a swap is the direct exchange of one token for another on a blockchain, often via decentralized exchanges (DEXs) without intermediaries.
Read full definitionAn airdrop is a free distribution of cryptocurrency tokens to numerous wallet addresses, often to promote a project, reward users, or build community.
Read full definitionA token is a digital asset on a blockchain that represents value, ownership, utility, or access rights. Examples include ERC-20 tokens on Ethereum.
Read full definitionReady to Choose a Secure Wallet?
Use our tools to find the right hardware wallet for your needs.