The Vibe: Scammers flood your wallet history with tiny fake transactions from addresses that look eerily similar to ones you use, betting you’ll copy the wrong one and send your funds to them by mistake.
The Details: Address poisoning is a social-engineering scam targeting crypto wallets. Attackers create vanity addresses that match the beginning and end characters of your frequently used addresses (e.g., your own, an exchange deposit address, or a friend’s). They then send you small “dust” amounts (tiny worthless tokens or native coin fractions) or even zero-value spam transactions from these lookalike addresses. This inserts the poisoned address into your wallet’s transaction history. Later, when you need to send crypto and quickly copy an address from recent history instead of typing it fresh or using a saved contact, you might grab the fake one. The funds go straight to the scammer. No private keys are stolen—it’s all about tricking your copy-paste routine. Very common on EVM chains (Ethereum, Polygon, BSC) and Solana in 2025–2026, with losses in the tens of millions reported across cases. Wallets like MetaMask, Phantom, and Ledger have added warnings and partial mitigations, but user vigilance remains key.
Pro Tip: Never copy addresses directly from your transaction history—always use your wallet’s address book, saved contacts, or type/paste from a verified source. Triple-check the full address (especially middle characters wallets often truncate) before confirming any send. Hide or ignore unsolicited tiny incoming transactions to keep history clean. For large transfers, verify by sending a test amount first or use QR code scanning when available. Enable any wallet features that flag similar-looking addresses.