Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.
Ledger, a crypto wallet provider, alerts Solana (SOL) users to a critical development that could compromise the safety of their accounts.
In a tweet, Ledger warns of an ongoing phishing and address-poisoning scam targeting Solana users.
Address poisoning is a new type of scam that targets cryptocurrency users. An attacker "poisons" the target's account in this scam by transferring a small amount of crypto, in this case SOL or sometimes an NFT disguised as a voucher.
In some cases, the scammer may even make it appear as if the user initiated a "Send" transaction because the scammer's address may be tailored to look similar to the target's.
The overall aim remains to trick the user into mistakenly copying the scammer's address and sending funds to theirs rather than a legitimate one.
In this light, Ledger warns users that if they receive a dust SOL transaction, they should not click on any link in its memo because it could be malicious. They are also advised not to share their 24-word recovery phrase with anyone.
Users who receive dust SOL tokens should avoid interacting with the undesired tokens. They should not attempt to transfer or send the unwanted tokens to another account or burn address since doing so might activate the malicious smart contract associated with the tokens.
Instead, to hide the token balance from the display, right-click on it and select Hide Token from the menu.
While address-poisoning cannot be prevented, it can be readily defeated by following best practices while sending and receiving cryptocurrency. Users should avoid just grabbing deposit and destination addresses from the transaction history.