Cryptocurrency investors lost millions in January from increasingly sophisticated scams. One victim lost $12.2 million in an “address poisoning” attack, where attackers trick users into sending funds to a fake look-alike address. Meanwhile, signature phishing attacks surged by 207%, stealing $6.27 million from 4,741 victims. Security firms report these trends are accelerating, partly due to lower transaction costs on the Ethereum network.
A single cryptocurrency investor lost $12.2 million in January by copying a fraudulent address in a so-called address poisoning attack. This adds to a similar incident in December where losses totaled $50 million, according to blockchain security analysts. The method involves attackers sending small transactions from addresses that mimic those in a target’s history, hoping victims mistakenly copy them for future transfers.
Scam Sniffer also reported a sharp rise in signature phishing attacks last month. This separate scam tricked 4,741 victims out of $6.27 million, marking a 207% increase compared to December. Two specific wallets accounted for 65% of all signature phishing losses, where users are deceived into signing malicious blockchain transactions granting unlimited token approvals.
Security experts state that address poisoning remains a consistent and severe threat. “Address poisoning is one of the most consistent ways large amounts of crypto get lost,” reported security firm Web3 Antivirus. They note that tracked losses from this method have ranged from $4 million to $126 million historically.
The researchers explained that attackers generate full addresses matching the first and last few characters of a legitimate one. This makes the fraudulent address appear identical at a glance, but the middle section is completely different. “Recent incidents show this trend isn’t slowing down,” they stated.
Analysts speculate that the increase in such attacks may be linked to lower costs on the Ethereum network following its Fusaka upgrade in December. This has made it cheaper for scammers to execute “dusting” transactions. Data from Coin Metrics shows stablecoin-related dust activity now constitutes approximately 11% of all Ethereum transactions.
Their analysis of over 227 million stablecoin wallet balance updates found 38% were valued under one cent. This pattern is consistent with millions of wallets receiving tiny poisoning deposits. Separately, Whitestream reported that the DAI stablecoin has become a preferred tool for illicit actors. The firm cited the protocol’s governance model, which does not cooperate with authorities in freezing wallets, as a reason.
