⚠️ Beware of Address Poisoning: A Sneaky Crypto Scam You Shouldn't Ignore

When it comes to crypto, even the smallest mistake can lead to big losses, especially with your wallet address. There’s a sneaky scam going around called address poisoning, and it’s causing people to accidentally send their crypto to the wrong wallet.

It’s cheap for scammers to do, hard to notice, and it works more often than you’d think.

In this post, we’ll explain how the scam works, how to spot it, and what you can do to protect yourself.

What is address poisoning?

Address poisoning is a scam where a bad actor creates a wallet address that looks almost identical to yours, same beginning and ending characters, for example:

Your real wallet: 0xA1B2...7890

Scammer’s address: 0xA1B3...7890

Then they send a tiny or worthless token (like $0.00) to your wallet from their fake address. This harmless-looking transaction now shows up in your transaction history.

Later, if you copy-paste your wallet address from your history (as many people do), you might accidentally copy the scammer’s lookalike address instead, and unknowingly send your real funds to the wrong wallet.

It’s simple, quiet, and devastating.

Take this address for example:

0x917f79bd9c4435179eb3c0c88e40951824580f99 (Binance Smart Chain Mainnet)

https://bscscan.com/address/0x917f79bd9c4435179eb3c0c88e40951824580f99#tokentxns

This wallet is part of an address poisoning campaign on Binance Smart Chain (BSC). It sends tiny token amounts to many other addresses, making it appear in wallet histories. If a user mistakenly selects this address instead of their own, they could end up sending real assets to the scammer.

We’ll be tracking this address further and analyzing its flow of funds to understand how widespread its activity is.

Image 1 captured from bscscan

Image 2 captured from bscscan

The outgoing transactions shown in images 1 and 2 are part of an address poisoning attack carried out by the scammer.

Now, let’s take a closer look using a visual graph with CATV

Image captured from the  Dashboard.

Looking at the graph, we can see that the scammer used exchanges like Bybit, Phemex, MEXC Global, and Gate. Once someone falls for the scam, the stolen crypto gets sent to these VASP (Virtual Assets Service Provider).

🔍 How to Spot Address Poisoning

Here are common signs you’re being targeted:

• You receive a transaction from a wallet that looks very similar to yours.

• The transfer is very small (often $0 or just a few cents).

• It appears shortly after you’ve made a real transaction.

🛡 How to Stay Safe

Avoiding this scam is easy if you follow a few good habits:

✅ Never copy your wallet address from your transaction history.

✅ Use a saved address book in your wallet app (e.g., MetaMask, Trust Wallet).

✅ Double-check the entire address, not just the first and last few characters.

✅ Send a small test transaction when dealing with a new address.

✅ Ignore dust tokens or unexpected airdrops, they're often part of the trick.

About the Crypto Analysis Transaction Visualization (CATV) Tool

The Crypto Analysis Transaction Visualization (CATV), developed exclusively by Uppsala Security’s expert team, serves as a sophisticated yet seamless forensic tool that offers in-depth insights into cryptocurrency transaction flows. This tool is designed to trace both inbound and outbound transactions linked to a specific wallet. CATV empowers users to effectively track, analyze, monitor, and graphically visualize cryptocurrency transactions, highlighting the flow of tokens and their interactions with various entities like exchanges and smart contracts.

Explore CATV in a brand new Avatar with easy to use credit system!!

Pay for only what you need and use.

Contact us at [email protected] for a free demo and more details!!