A Costly Mistake: Copying the Wrong Address
A crypto investor lost more than $1.25 million in Tether (USDT) after accidentally sending funds to a fake wallet address designed to look almost identical to a legitimate one. The incident is part of a growing trend known as the “address-poisoning” scam, where attackers exploit users’ transaction histories to trick them into transferring funds to malicious addresses.
In these scams, attackers send tiny or zero-value transactions from look-alike wallet addresses to the victim. Because these fake addresses mimic the first and last few characters of genuine ones, users can easily mistake them for trusted addresses when copying from their transaction list.
How the Scam Works
Crypto-security analysts explain that this tactic relies on the victim’s natural habit of copying addresses from their wallet history. In the latest case, the wallet owner copied an address they believed was used 99 days earlier—unaware that it was an attacker’s imitation. This subtle manipulation of transaction records, often called “history poisoning,” makes the scam particularly dangerous.
Unfortunately, once a blockchain transaction is confirmed, it cannot be reversed. Unless the scammer voluntarily returns the funds—a rare occurrence—the money is gone for good. To counter such risks, wallet providers are now working on detecting zero-value transfers and flagging near-identical addresses. However, the human element remains the biggest vulnerability.
What Users Can Do to Stay Safe
The rise of address-poisoning scams highlights the shift from large-scale hacks to more psychological, behavior-based attacks in crypto. These scams don’t exploit blockchain flaws but rather users’ trust and habits. To minimize risk, experts recommend:
- Always verifying the entire wallet address, not just the first and last few characters.
- Avoiding copy-paste actions directly from transaction history.
- Using address books or whitelists in wallets for trusted destinations.
- Sending small test transactions before large transfers.
For institutional investors and high-net-worth holders, this incident underscores the need for stronger operational security protocols. Human workflows—such as address verification and approval procedures—should be part of every crypto security strategy, alongside key management and contract audits.
