Sophisticated crypto address poisoning scams drain $1.2M in March

Victims falling prey to address poisoning scams have suffered significant financial losses, with over $1.2 million in cryptocurrency reportedly sent to scammers in March alone. Such scams, characterized as address poisoning or wallet poisoning, involve deceiving users into transferring their digital assets to fraudulent addresses that scammers control.

According to a March 19 post by Cyvers, an on-chain security firm, the recent surge in pig butchering schemes facilitated on the Ethereum blockchain has been particularly detrimental. These scams typically entail sending minor transactions to potential victims while mimicking frequently used wallet addresses. Consequently, unsuspecting users, when copying and pasting addresses from their transaction history, may inadvertently send funds to the scammer instead.

Throughout February, the total losses attributed to address poisoning scams exceeded $1.8 million. Deddy Lavid, Cyvers’ co-founder and CEO, pinpointed the escalation of such attacks to a combination of the increasing sophistication of scammers and a lack of robust pre-transaction security mechanisms. “More users and institutions are leveraging automated tools for crypto transactions, some of which may not have built-in verification mechanisms to detect poisoned addresses,” Lavid remarked.

The ongoing bull market in cryptocurrencies has led to heightened transaction volumes, further exacerbating the vulnerability to such scams. Lavid noted the absence of real-time pre-transaction screening across many wallets and platforms, which could potentially flag suspicious addresses before any funds are sent.

In a notable instance, an individual lost a staggering $71 million worth of Wrapped Bitcoin in May 2024 to an address poisoning scheme. The scammer had manipulated the victim into sending their assets to an address that closely resembled their own. Remarkably, the attacker returned the funds after gaining unwanted attention from blockchain investigators, placing a spotlight on the complexities of these scams.

Furthermore, the broader landscape of phishing scams poses a grave challenge to the cryptocurrency sector. Besides typical hacking incidents, the prevalence of prolonged and intricate manipulation tactics defines pig butchering schemes. These types of scams have cost the cryptocurrency industry upwards of $5.5 billion across 200,000 cases in 2024, as per Cyvers’s findings.

Victims of pig butchering scams often experience grooming periods that can last anywhere from one to three weeks, placing a disproportionate burden on individuals aged 30 to 49, a demographic particularly susceptible to these attacks. Alarmingly, 75% of victims reportedly lost over half of their net worth.

Phishing scams have been identified as the most significant security threat to the crypto industry in 2024, with attackers netting over $1 billion across 296 incidents. As the sophistication of scams continues to rise, the need for improved security measures and user education regarding potential risks remains imperative.