Crypto security firm Scam Sniffer said address poisoning scams recently cost just two victims more than $62 million, highlighting the growing scale of a long-running crypto fraud tactic.
The losses included a $12.2 million theft in January and a separate $50 million incident in December, both involving victims copying lookalike wallet addresses from their transaction histories.
Address poisoning occurs when attackers send small “dust” transactions from addresses designed to resemble trusted ones, hoping victims mistakenly reuse the wrong destination.
“Address poisoning is one of the most consistent ways large amounts of crypto get lost,”
Said Web3 Antivirus, adding that recent cases show the trend “isn’t slowing down.”
Scam Sniffer also reported a surge in signature phishing, with $6.27 million stolen from 4,741 victims in January, a 207% increase from December, with two wallets responsible for 65% of losses.
Analysts say Ethereum’s Fusaka upgrade has lowered transaction costs, making dust attacks cheaper, with stablecoin dust now accounting for a significant share of daily activity on Ethereum.
Researchers warned that unless users verify full wallet addresses and revoke risky approvals, address poisoning and signature phishing will remain major sources of crypto losses.
At the time of reporting, Ethereum price was $2,030.12.