Breaking News
Get 40% Off 0
🔎 See NVDA's full ProTips for an instant risks or rewards Claim 40% OFF

What Is Address Poisoning? Everything You Need to Know

Published Jan 13, 2023 11:30AM ET Updated Jan 13, 2023 01:00PM ET
Saved. See Saved Items.
This article has already been saved in your Saved Items
What Is Address Poisoning? Everything You Need to Know

Despite hacks and scams regularly hogging the spotlight for the bigger part of 2022, overzealous fraudsters came up with a new method to steal money from crypto wallets. Address poisoning is a new phishing attack that involves changing the Secret Recovery Phrase, then modifying the transaction history. The main difference between address poisoning and the usual scamming technique is that address poisoning heavily relies on the user’s carelessness.

.tweet-container,.twitter-tweet.twitter-tweet-rendered,blockquote.twitter-tweet{min-height:261px}.tweet-container{position:relative}blockquote.twitter-tweet{display:flex;max-width:550px;margin-top:10px;margin-bottom:10px}blockquote.twitter-tweet p{font:20px -apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Helvetica,Arial,sans-serif}.tweet-container div:first-child{ position:absolute!Important }.tweet-container div:last-child{ position:relative!Important }

How Address Poisoning Works

The leading DeFi crypto wallet provider MetaMask penned a long blog post warning crypto enthusiasts around the globe to double-check the crypto wallet addresses and spread the word about address poisoning to prevent money loss. Firstly, the culprit exploits the victim’s transaction history. For address poisoning to work in full effect, the fraudster generates similar ‘vanity’ addresses to the one a user has.

Indeed, crypto wallet addresses are very hard to remember, because of the cryptographically generated hexadecimal numbers. Hackers tend to instill these new addresses in the counterfeit transaction history, and usually, there’s no visual difference between the actual crypto wallet address and the fake one.

Secondly, once the scammer has created a similarly-looking crypto wallet address, the evildoer sends a transaction of a small value to the newly created dummy wallet. After this happens, the user’s crypto wallet is ‘poisoned.’ This is because the transaction history on MetaMask or any other DeFi wallet shows the hacker’s new address, which is visually unidentifiable as different. Most crypto enthusiasts visually indicate their wallet by the starting and ending characters, while the middle part of an address is rarely remembered.

Finally, this creates an opportunity for the hacker to contaminate the wallet dummy addresses. The next time the unsuspecting user tries to copy the crypto wallet address from the transaction history, the funds might end up in the almost identically-looking hacker’s wallet.

How to Prevent Address Poisoning

Luckily, there are a few go-to methods to prevent the bad actors of crypto from stealing your money. Naturally, the easiest solution to this problem is simply double-checking the crypto wallet addresses before sending the funds. Here are two more advanced workarounds for crypto enthusiasts fearing getting contaminated with address poisoning.

1) Use an address book

In most cases of address poisoning, having an address book instead of copying crypto wallet addresses from personal transaction history should solve the problem. The feature can be accessed on MetaMask by going to Settings > Contacts.

In this way, there are two issues immediately fixed. Firstly, the wallet owner won’t have to copy-paste the addresses, erasing the possibility of copy-pasting the bogus address. Moreover, the address book requires confirmation before putting addresses on it. The hapless hackers cannot change the addresses submitted by the wallet owner.

2) Use a cold wallet

Another effective way of rescuing oneself from the hassle of trying to retrieve lost crypto funds has a cold wallet. Hence, a self-custody wallet not connected to the internet is less susceptible to fraudulent phishing attacks by evil computer geniuses. On top of that, cold hardware wallets form a habit of checking and confirming every transaction sent.

Besides, the second layer of security in such a case could be ‘test transactions.’ These are carried out by sending a nominal amount of money and then waiting for the confirmation that the recipient’s address is indeed the correct one. However, test transactions are unpopular among the crypto community, as it requires double the gas fees.

On the Flipside

  • Having a cold hardware wallet reduces the chances of getting hacked.
  • However, there’s been reports that cybercriminals managed to poison cold wallet addresses.
  • Hence, there’s no way to stop scammers from sending money to your crypto wallet.
  • A habit of “continual scrutiny” is recommended by MetaMask.

Why You Should Care

While ‘address poisoning’ is a relatively new scamming technique, 2022 was one of the most active years in crypto hacks and scams. Ultimately, the crypto transgressors tend to carry out phishing exploits in most cases.

Learn more about the most gripping hacks and scams:

Fake Pokémon NFT Game Infests Users’ Computers With Malware

He Fell Victim to Crypto Romance Scam: What’s Waiting Ahead?

See original on DailyCoin

What Is Address Poisoning? Everything You Need to Know

Related Articles

Add a Comment

Comment Guidelines

We encourage you to use comments to engage with other users, share your perspective and ask questions of authors and each other. However, in order to maintain the high level of discourse we’ve all come to value and expect, please keep the following criteria in mind:  

  •            Enrich the conversation, don’t trash it.

  •           Stay focused and on track. Only post material that’s relevant to the topic being discussed. 

  •           Be respectful. Even negative opinions can be framed positively and diplomatically. Avoid profanity, slander or personal attacks directed at an author or another user. Racism, sexism and other forms of discrimination will not be tolerated.

  • Use standard writing style. Include punctuation and upper and lower cases. Comments that are written in all caps and contain excessive use of symbols will be removed.
  • NOTE: Spam and/or promotional messages and comments containing links will be removed. Phone numbers, email addresses, links to personal or business websites, Skype/Telegram/WhatsApp etc. addresses (including links to groups) will also be removed; self-promotional material or business-related solicitations or PR (ie, contact me for signals/advice etc.), and/or any other comment that contains personal contact specifcs or advertising will be removed as well. In addition, any of the above-mentioned violations may result in suspension of your account.
  • Doxxing. We do not allow any sharing of private or personal contact or other information about any individual or organization. This will result in immediate suspension of the commentor and his or her account.
  • Don’t monopolize the conversation. We appreciate passion and conviction, but we also strongly believe in giving everyone a chance to air their point of view. Therefore, in addition to civil interaction, we expect commenters to offer their opinions succinctly and thoughtfully, but not so repeatedly that others are annoyed or offended. If we receive complaints about individuals who take over a thread or forum, we reserve the right to ban them from the site, without recourse.
  • Only English comments will be allowed.
  • Any comment you publish, together with your profile, will be public on and may be indexed and available through third party search engines, such as Google.

Perpetrators of spam or abuse will be deleted from the site and prohibited from future registration at’s discretion.

Write your thoughts here
Are you sure you want to delete this chart?
Post also to:
Replace the attached chart with a new chart ?
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Thanks for your comment. Please note that all comments are pending until approved by our moderators. It may therefore take some time before it appears on our website.
Are you sure you want to delete this chart?
Replace the attached chart with a new chart ?
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Add Chart to Comment
Confirm Block

Are you sure you want to block %USER_NAME%?

By doing so, you and %USER_NAME% will not be able to see any of each other's's posts.

%USER_NAME% was successfully added to your Block List

Since you’ve just unblocked this person, you must wait 48 hours before renewing the block.

Report this comment

I feel that this comment is:

Comment flagged

Thank You!

Your report has been sent to our moderators for review
Continue with Google
Sign up with Email