Address poisoning attacks, a kind of fraud intended to fool people into transferring money to the incorrect wallet, are becoming more common among Ethereum users. Although the technique has been around for a while, new data indicates that these attacks are now much more automated and pervasive, transforming what was previously sporadic spam into a massive operation.
Real cases out there
The issue is exemplified by a recent instance. Nima, an Ethereum user, claimed to have received over 89 Etherscan Address Watch alerts just after transferring only two stablecoins. Numerous small transactions that were sent to the wallet caused the alerts. These transfers were a part of an address poisoning campaign, not actual payments.
The process of address poisoning has a straightforward objective: to add fictitious lookalike addresses to a user's transaction history. Attackers keep an eye on blockchain activity and wait for transactions that are legitimate.
Automated systems create addresses that resemble the initial and final characters of previously used wallets after a user sends money. Then small transactions — typically dust transfers worth less than a cent — are sent using these fake addresses. The fictitious address shows up in the history since many wallets and explorers display recent transactions prominently.
Risks of poisoning
The user may inadvertently copy the poisoned address rather than the correct one when they wish to send money again later. The scope of these assaults is substantial.
Approximately 17 million poisoning attempts were made against approximately 1.3 million Ethereum users between July 2022 and June 2024, with confirmed losses exceeding $79 million, according to a 2025 study.
The primary cause behind the rise in these attacks is basic economics. According to research, the success rate of a poisoning attempt is only approximately 0.1%, or one successful scam out of every 10,000 attempts. Attackers, however, make up for it by sending a large quantity of poison transfers.
Additionally, lower network fees have contributed. Transaction costs decreased after Ethereum's Fusaka upgrade, making it less expensive for attackers to send thousands or even millions of dust transactions.
Dan Burgin
Vladislav Sopov
