LearnCoinsReviewsSecurityGlossarySearchStart Here →
Beginner · Learning Resource

Address Poisoning Scams Explained

LC
The Latest Crypto TeamIndependent crypto education · made with love
Updated Feb 20267 min readReferenced & reviewed

Address poisoning is a quiet, clever scam. Attackers slip a transaction into your wallet history from an address that looks almost identical to one you use. Later, when you copy an address from your history to send funds, you grab theirs by mistake. This guide shows exactly how it works and the one habit that defeats it.

💡

The 20-second version

Crypto addresses are long, so most people only check the first and last few characters. Attackers generate a lookalike address with matching ends and send you a tiny transaction so it appears in your history. The fix: never copy an address from your history — always verify the full address from the source.

What address poisoning is

Wallet addresses are long strings of characters that nobody memorises. Because of that, wallets and people tend to glance only at the beginning and end — say '0x7a3f...e9c2'. Attackers exploit this by using software to grind out an address whose first and last characters match one you recently sent to.

They then 'poison' your history with a transaction from that lookalike — often a zero-value or dust transfer. It now sits in your transaction list looking like an address you've used before. The trap is set for the next time you pay that contact.

How the trick plays out

  • You send funds to a real contact's address ending in, say, '...e9c2'.
  • The attacker generates a lookalike that also starts and ends the same way.
  • They send you a tiny or zero-value transfer so the lookalike appears in your history.
  • Next time you pay your contact, you copy from history — and grab the poisoned address.
  • Your funds go to the attacker, and the transaction can't be reversed.
⚠️

Why it works on careful people

This scam doesn't rely on you being careless — it relies on the natural shortcut of checking only the ends of an address. Even experienced users have lost large sums this way. The transaction is final once sent.

How to stay safe

  1. Never copy a recipient address from your transaction history. Treat history as untrusted.
  2. Get the address from the original, trusted source each time — the person directly, a saved contact you created, or the official site.
  3. Verify the full address, not just the ends. Check several characters in the middle too.
  4. Save addresses you reuse to a verified address book inside your wallet, and pay from there.
  5. Always send a small test amount first when paying a new or large address, and confirm receipt before sending the rest.
Confirm the address on a trusted screen

A hardware wallet shows the receiving address on its own display so malware can't swap it. The Trezor Safe 5 is a strong open-source pick — see our reviews before buying.

Check price →Affiliate link — we may earn a commission at no cost to you.

Address poisoning is often confused with clipboard malware, which silently replaces an address you've copied. They're different attacks, but the defence overlaps: verify the full address on the destination screen before you confirm any send. Building that habit protects you from both.

Key takeaways

  • Attackers plant lookalike addresses in your history that match the start and end.
  • Never copy a send address from your transaction history.
  • Verify the full address from a trusted source, including the middle.
  • Send a small test amount first for new or large payments.

Frequently asked questions

Can address poisoning take money without me doing anything?

No. The poisoning transaction is harmless on its own. You only lose funds if you later copy the lookalike address and send to it yourself.

Why did a tiny transfer appear in my wallet from an unknown address?

That's often the bait. Don't interact with it, and never copy that address. Just be aware your history now contains a decoy.

Does using a hardware wallet stop this?

It helps you verify the true address on the device, but the core defence is your own habit of never trusting addresses pulled from history.

LC

The Latest Crypto Team

Independent crypto education · free for all

We built LatestCrypto because we were fed up with the scams, shilling and terrible advice that fill the crypto internet. Everything here is free, honest and made with love — no hype, no “trust me bro”, and we’ll never tell you what to buy. Spotted something we got wrong? Tell us, and we’ll fix it.

Keep reading

Beginner
Scams & Security

Clipboard Malware Explained

Clipboard hijacking malware silently swaps a crypto address you copied for the attacker's. Learn how it works

LC The Latest Crypto Team · 7 min
Beginner
Scams & Security

How to Avoid Crypto Scams: The Cornerstone Safety Guide

The common crypto scams — fake support, phishing, giveaways, romance and rug pulls — and the simple habits tha

LC The Latest Crypto Team · 5 min
Beginner
Scams & Security

Wallet Drainer Scams Explained

How wallet-drainer scams trick you into signing a malicious transaction that empties your wallet in seconds —

LC The Latest Crypto Team · 8 min