HOME>Blog>Address Poisoning: The Devil Is Always In The Detail

Address Poisoning: The Devil Is Always In The Detail

Educational
Security
Savl
Blogpost logo

The Devil Is Always In The Detail

We want to bring to your immediate attention a novel type of scam called address poisoning targeting crypto users worldwide. Here's the scam in summary:

  • The scammer will send a tiny amount of crypto to your wallet address so that their address shows up in your transaction history - this is known as poisoning.
  • The scammer's address will be very similar to your address; this is where the deception or 'slight of hand' comes in.
  • The scammer is betting that you'll copy and paste their similar-looking address from your transaction history and, by mistake, send them some or all of your crypto funds.

What You Can Do

  • You can easily avoid this by carefully checking the details of your wallet address before transacting and unwittingly copying and pasting the scammer's wallet address.
  • Never copy and paste wallet addresses from your transaction history.
  • You can use the only KYT (Know Your Transaction) service built into a non-custodial wallet (ours) to ensure you aren't transacting with a suspicious address. However, this is not a guarantee.

Note: Just because your wallet/account has been 'poisoned' shouldn't prevent you from using it - you simply need to check the fine details, i.e., the address, very carefully.

What is address poisoning?

It's a scam that targets all cryptocurrency users by sending a small amount of crypto to your wallet address - usually a near-zero amount.

The purpose is to ensure that this origination address which would have been expertly generated to look similar to your address, will now show up in your transaction history.

To illustrate, let's say your crypto address is: 0123456789abcdIl0acd; the scammer might have sent you $0.01 using this similar address: 0123456789bcdeIl0acd. The scammer is literally banking on the fact that you, as with most humans, will look only at the beginning and end characters as a quick visual confirmation. You wouldn't have noticed that the central characters have changed from 'abcd' to 'bcde'.

Now, you want to convert or buy and send more value to your poisoned crypto address and need to get your wallet address to do so - so you go to your transaction history (because it's easy) and copy and paste what you believe to be the correct address, your address - except it is the scammer's address, and BOOM! You've been scammed.

How did they almost copy my address?

There are myriad open-source tools that allow scammers to generate addresses that closely follow targetted users' addresses. Tools like Profanity is one such example.

Also, because blockchain ledgers are publicly available, scammers can see which addresses hold the most crypto and target those for bigger pay-days.As per the above example, using a tool like Profanity means a scammer only needs to change the first few or last characters and rely on your lack of diligence to scam you.

Is this affecting all cryptos?

In short, yes. However, scammers like to target users on blockchains where transaction fees are much smaller, allowing them to deploy their scams at scale. Remember: once the genie is out of the bottle, it won't ever go back in, i.e., you cannot get your funds back once they have been sent.

The bottom line

Act in haste and repent at leisure. Always go slow - especially when transacting with larger sums. Check each and every character of the address you are sending to and if something is off, abort.

The devil is literally in the detail.

___

Thank you for reading this article and if you have any questions, feel free to reach out via Telegram @savl_support or join the conversation on Twitter @Savl_official.

Recent publications

Feb 13, 2024
Educational
Orca (ORCA)

7 min.
Savl
Feb 2, 2024
Educational
Jito (JTO)

5 min.
Savl