MetaMask Alerts Users About New Crypto Scam Called Address Poisoning

Since the digital industry has grown recently, crypto scammers and fraudsters have ramped up their efforts to steal people’s money. With digital assets increasingly becoming a daily part of life, cybercriminals are trying new ways to target victims. That’s why the cryptocurrency wallet service provider, MetaMask, warns the crypto community about a new type of […]
Since the digital industry has grown recently, crypto scammers and fraudsters have ramped up their efforts to steal people’s money. With digital assets increasingly becoming a daily part of life, cybercriminals are trying new ways to target victims. That’s why the cryptocurrency wallet service provider, MetaMask, warns the crypto community about a new type of […]

Since the digital industry has grown recently, crypto scammers and fraudsters have ramped up their efforts to steal people’s money. With digital assets increasingly becoming a daily part of life, cybercriminals are trying new ways to target victims.

That’s why the cryptocurrency wallet service provider, MetaMask, warns the crypto community about a new type of scam model fraudsters using to take advantage of ‘user carelessness”. 

With the address poisoning technique, cybercriminals track a user’s transactions and generate a “vanity” wallet address that contains similar characters to an actual recipient’s address in the transaction history. Afterward, the fraudsters transfer $0 worth of tokens through a newly generated address to poison the transaction history. Bad actors hope users mistakenly copy the hack address instead of the real one in future transactions. 

Crypto vanity addresses are created via a generator. It allows a user to create an address containing similar characters to another user’s address. Scammers took advantage of the tool to create a wallet id that looks similar to the address they track. Notably, copycat addresses used in this type of crypto scam mainly have the same characters at the start and end of a wallet id. 

BTCUSD

How To Prevent Falling Prey To Address Poisoning Crypto Scam?

While committing crypto transactions daily, most users copy the recipient id from the transaction history. This way, users could send crypto funds to the scammer’s address in negligence. Once done, it’s impossible to reverse the transaction. Better to use an address book while transferring digital assets.

Although crypto users have gotten into the habit of copying a lengthy hexadecimal string from the transaction history, it’s safer to match every single character of the recipient wallet id while transferring. 

While responding to the community in the Twitter thread, MetaMask added; 

MetaMask is self custodial, so we never have access to accounts. We try to prevent scammers from harming our users, but we can’t stop everything users may choose to do with their wallets. If you need help: https://support.MetaMask.io – click the blue ‘Start a Conversation’ button.

Related Reading: Hong Kong to Limit Retail Investors’ Crypto Trading to Only ‘Highly Liquid’ Assets

The infrastructure service provider firm also published a blog post to spread awareness and explain how this crypto scam works. While admitting that it’s tough to memorize lengthy hexadecimal numbers, the MetaMask team noted:

You might see the first lot of characters only, or sometimes you may see the initial 5-10 or so and the final 5-10 or so, skipping the middle. This is how most people recognize addresses: not by knowing every single character, but by becoming familiar with the start and finish. This is the tendency that address poisoning preys on.