The scammers will use wallet addresses generated from vanity address generators and match the first and last characters of their victim’s wallet address.
A new crypto wallet address scam that tries to take advantage of user carelessness has been on the rise, according to the MetaMask team.
In an announcement, digital wallet provider MetaMask warned users of what is called an “address poisoning scam,” where attackers “poison” transaction histories by sending users tokens that are worth $0 to their wallets. The scammers will use wallet addresses generated from vanity address generators and match the first and last characters of their victim’s wallet address. This is done in hopes of getting unsuspecting users to send their funds to the wrong copycat address.
A new scam called 'Address Poisoning' is on the rise. Here's how it works: after you send a normal transaction, the scammer sends a $0 token txn, 'poisoning' the txn history. (1/3)
— MetaMask Support (@MetaMaskSupport) January 11, 2023
While the attempt would not give the hackers access to user wallets, people who may have gotten into the habit of copying their wallet address from the transaction history before sending digital asset balances could potentially send their funds to copycat addresses.
Related: Nomad exploit wallet address transfers $1.5M to Tornado Cash
Because of this, the wallet provider warned users always to be careful and double-check their transactions before sending their balances. The firm highlighted that it would be best to check every single character of the wallet address to make sure that the funds will be sent to the correct wallet.
Apart from this, the firm recommended that users stop copying wallet addresses from their transaction histories and use their address book when sending digital assets.