We want to bring to your immediate attention a novel type of scam called address poisoning targeting crypto users worldwide. Here's the scam in summary:
Note: Just because your wallet/account has been 'poisoned' shouldn't prevent you from using it - you simply need to check the fine details, i.e., the address, very carefully.
It's a scam that targets all cryptocurrency users by sending a small amount of crypto to your wallet address - usually a near-zero amount.
The purpose is to ensure that this origination address which would have been expertly generated to look similar to your address, will now show up in your transaction history.
To illustrate, let's say your crypto address is: 0123456789abcdIl0acd; the scammer might have sent you $0.01 using this similar address: 0123456789bcdeIl0acd. The scammer is literally banking on the fact that you, as with most humans, will look only at the beginning and end characters as a quick visual confirmation. You wouldn't have noticed that the central characters have changed from 'abcd' to 'bcde'.
Now, you want to convert or buy and send more value to your poisoned crypto address and need to get your wallet address to do so - so you go to your transaction history (because it's easy) and copy and paste what you believe to be the correct address, your address - except it is the scammer's address, and BOOM! You've been scammed.
There are myriad open-source tools that allow scammers to generate addresses that closely follow targetted users' addresses. Tools like Profanity is one such example.
Also, because blockchain ledgers are publicly available, scammers can see which addresses hold the most crypto and target those for bigger pay-days.As per the above example, using a tool like Profanity means a scammer only needs to change the first few or last characters and rely on your lack of diligence to scam you.
In short, yes. However, scammers like to target users on blockchains where transaction fees are much smaller, allowing them to deploy their scams at scale. Remember: once the genie is out of the bottle, it won't ever go back in, i.e., you cannot get your funds back once they have been sent.
Act in haste and repent at leisure. Always go slow - especially when transacting with larger sums. Check each and every character of the address you are sending to and if something is off, abort.
The devil is literally in the detail.