Scam Alert: Victim Lost Over $763K Via Crypto Address Poisoning

A Web3 scam investigator, Scam Sniffer, reported a crypto address poisoning incident on February 26th, resulting in a $763,000 loss for a victim. The victim, intending a legitimate transaction, mistakenly copied an address differing only in the middle characters from the intended recipient’s.

The scammer stole money by tricking the victim into sending it to their account. They did this by first making a small, seemingly unimportant transfer from a similar-looking address. This made their real, fraudulent address look legitimate in the victim’s transaction history.

The victim’s address is 0xf6b1539cc562c0ca5151825488eb8c3cdaf2b6e4. The fake address is 0x804051B0cbc20443943C4F363573eF9bB7793375, while the legitimate address is 0x80404F3eb7fEd80349954e8285eC8A9365793375.

Seeing this familiar-looking address, the victim mistakenly sent their money to the scammer. This works because people tend to quickly recognize patterns and assume things are correct if they seem familiar, even if there are small differences.

User Loses $71M in Address Poisoning

On May 3, 2024, an Ethereum user lost $71 million (1,155 WBTC) in an address poisoning scam. The scam started with a small $20 fee payment. A scammer used a similar address to the intended recipient, tricking the user into sending the large sum.

However, a scammer quickly capitalized on this, creating a deceptively similar address (0xd9A1C3788D81257612E2581A6ea0aDa244853a91) to the original recipient (0xd9A1b0B1e1aE382DbDc898Ea68012FfcB2853a91).

Furthermore, the scammer sent a tiny amount of ETH to the victim, making it look like a legitimate transaction in their history. The scammer’s address was very similar to the victim’s, differing only slightly.

Mistaking the scammer’s address for their own, the victim accidentally sent $71 million worth of cryptocurrency (1,155 WBTC) to the wrong account. The scammer quickly moved the money, using Uniswap to exchange parts of it.

Despite this loss, the victim still has over $1.6 million in DAI, which shows that they had a significant amount of cryptocurrency.

Crypto Address Poisoning Evolves

In May 2024, Binance introduced an algorithm to detect fake addresses by identifying suspicious transfers, particularly near-zero value or low-value tokens. A sophisticated cryptocurrency scam recently targeted Hong Kong businessman Joe Zhou.

Additionally, he received a text message appearing to be from Binance, warning of suspicious login activity from North Korea and instructing him to move his funds to a new SafePal wallet for protection during an investigation. Initially believing the message, Mr. Zhou began transferring his money.

However, he became suspicious and contacted a colleague at Binance, allowing him to recover some of his funds before the scammers realized he had detected the fraud.