Address Poisoning
A crypto scam that sends tiny transactions from a wallet address visually similar to one in the victim's transaction history, hoping the victim accidentally copies the wrong address.
Also known as: dust attack, address dusting, look-alike address attack
Last reviewed: 1 June 2026
Address poisoning exploits the common shortcut of copying a recent transaction address from your wallet history rather than re-entering the full 42-character address from scratch. Attackers generate a wallet address whose first and last few characters match those of an address the victim has recently used, then send a dust transaction (usually worth almost nothing) to appear in the victim's history.
When the victim next wants to send funds to the legitimate address, they scroll through recent transactions, glance at the familiar-looking start and end characters, and copy what is actually the attacker's address. Because blockchain transactions are irreversible, the funds are unrecoverable once sent.
Mitigation is simple: always verify the entire address character-by-character, use address-book features in your wallet software, and never rely on the first and last few characters alone. Hardware wallets that display the full address on a trusted screen provide an additional check.
Examples
- A user sends 5 ETH to an address ending in '...a3f8' — which appears in their history — but the actual recipient address ends in '...A3F8' (different case characters), owned by a scammer.
- After sending USDC to a colleague, the user receives a dust transaction from an address with matching prefix and suffix, which gets accidentally used for the next transfer.