MetaMask warns crypto users about address poisoning
A new crypto wallet address scam that tries to take advantage of user carelessness has been on the rise, according to the MetaMask team.
In an announcement, digital wallet provider MetaMask warned users of an “address poisoning scam,” where attackers “poison” transaction histories by sending users tokens worth $0 to their wallets. The scammers will use wallet addresses generated from vanity address generators and match the first and last characters of their victim’s wallet address. This gets unsuspecting users to send their funds to the wrong copycat address.
A new scam called ‘Address Poisoning’ is on the rise. Here’s how it works: after you send a normal transaction, the scammer sends a $0 token txn, ‘poisoning’ the txn history. (1/3)
— MetaMask Support (@MetaMaskSupport) January 11, 2023
While the attempt would not give the hackers access to user wallets, people who may have gotten into the habit of copying their wallet address from the transaction history before sending digital asset balances could potentially send their funds to copycat addresses.
Related: Nomad exploit wallet address transfers $1.5M to Tornado Cash
Because of this, the wallet provider warned users to always be careful and double-check their transactions before sending their balances. The firm highlighted that it would be best to check every single character of the wallet address to ensure the funds are sent to the correct wallet.
Apart from this, the firm recommended that users stop copying wallet addresses from their transaction histories and use their address book when sending digital assets.