This week, address poisoning attacks targeting crypto users led to over $1.6 million in scams, more than the total losses for the entire month of March.
According to the crypto scam prevention platform ScamSniffer, a victim lost 140 Ether (approximately $636,500) on Friday due to copying the wrong address.
The ScamSniffer team stated, 'Users sent 140 ETH to a disguised address due to copy-paste errors, which had already been implanted in the history.'
Another victim lost $880,000 on Sunday due to address poisoning, and security alerts indicated that other users lost $80,000 and $62,000 respectively on Wednesday.
Combining alerts from cybersecurity companies, Cointelegraph found that over $1.6 million has been lost through this method since Sunday, exceeding the $1.2 million lost in all of March.
Address poisoning relies on imitating addresses to commit fraud, with addresses sending small transactions disguised as legitimate ones, tricking users into copying the wrong address for future transactions.
'The poisoner sends small transfers, disguising themselves as a real address, making history copying a trap,' explained Web3 Antivirus.
This has led to 'transaction history poisoning', where scammers send fake transactions with similar addresses, appearing in the victims' transaction history.
In addition to the million-dollar address poisoning scam, at least $600,000 was lost this week as victims signed malicious phishing signatures.
On Tuesday, a victim lost $165,000 worth of BLOCK and DOLO tokens after signing a malicious signature.
ScamSniffer urges users to use address books or whitelists and verify the full address before sending.
