Here’s How a Memecoin Trader Lost Over $3M to Scammers

A memecoin trader has lost over $3 million to scammers due to a mistake while transferring funds. The incident stemmed from copying an incorrect wallet address from their transaction history.

Always double-check the address before making a transfer!

Don’t copy addresses from your transaction history for convenience!

Someone lost $3.08M after copying the wrong deposit address from the transaction history.

A scammer created an address with the same first 4 characters… pic.twitter.com/Khn8v9Lzfi

— Lookonchain (@lookonchain) November 25, 2024

Trader Lost Over $3M

On-chain analysis revealed that the scammer generated a fake address resembling the legitimate deposit address, sharing the same first four characters. To ensure the fraudulent address appeared in the victim’s transaction history, the scammer sent a tiny transaction of 0.000001 SOL.

Without verifying the full address, the trader copied it directly from the transaction log, assuming it was correct since the first characters matched. Consequently, the victim transferred 7 million PYTH tokens, valued at around $3.1 million, to the scammer’s wallet.

In a related development, another trader faced a similar loss of $116,000 (488 SOL) after unknowingly copying a poisoned address. As in the PYTH token case, the scammer used identical tactics, crafting an address with matching initial characters and sending minimal SOL to make it appear legitimate.

Address Poisoning Scam

Address poisoning is a malicious scheme where bad actors create a fake address resembling their victim’s real address and send small portions of cryptocurrencies to the victim’s wallet. The idea is that when the unsuspecting user wants to execute a transaction, they will send the funds to the scammer’s wallet since it resembles their wallet address.

Scammers also use other forms of exploitation, such as phishing attacks, to deceive users. A recent example of this occurred alongside the address poisoning scam, where a victim unknowingly signed a malicious phishing contract.

According to Web3 security platform Cyvers Alerts, this led to the loss of ZKML tokens worth an estimated $74,800.

Similarly, CoinTab recently reported a Gigachad (GIGA) memecoin trader lost over $6 million in a phishing scheme involving a deceptive Zoom meeting link, according to blockchain analytics firm Onchain Lens. The trader reportedly clicked on a fake Zoom invite, which redirected them to a fraudulent website that captured sensitive wallet information.