To avoid falling victim to an address poisoning attack, Metamask wallet users should avoid the practice of copying and pasting wallet addresses, the crypto wallet app’s support team has warned. Instead, Metamask users should “get in the habit of carefully checking every character in an address” before sending a transaction.
Fraudsters who take advantage of users’ carelessness
Users of the Metamask crypto wallet should beware of a new fraud tactic known as an address poisoning attack that relies on user “carelessness and haste,” the team behind the cryptocurrency wallet has warned. The Metamask team added that while the attack method may seem harmless, “it can just as easily lead to the loss of funds.”
A new scam called “Address Poisoning” is on the rise. Here’s how it works. after sending a normal transaction, the scammer sends a $0 token txn, “poisoning” the txn history. (1/3)
— MetaMask Support (@MetaMaskSupport) January 11, 2023
In its Jan. 11 statement explaining how scammers are using this new tactic to steal from unsuspecting users, Metamask’s support team said that cybercriminals and scammers often use common crypto user behavior, such as wallet addresses copy and paste. While this ensures that funds are sent to the correct address, the team warned that scammers are aware that many users don’t want to memorize their wallet addresses. It was said in the statement.
“Because they are so long, crypto wallet addresses are usually shortened. You may see only the first digits, or sometimes you may see the first 5-10 or that and the last 5-10, leaving out the middle one. This is how most people recognize addresses. not by knowing every character, but by getting to know the beginning and the end. This is the trend that applies to poison victims.’
Users must verify each character of the wallet address
According to the Metamask support team, scammers often launch a poisoning attack by sending a small amount of money to a fake wallet address that closely matches the user’s Metamask wallet address. The scammer will then wait and hope for the targeted user[s] “will inadvertently copy their address from your transaction history and paste it elsewhere.”
Since such transactions are considered immutable or irreversible, when funds are sent to the wrong address, they are lost forever. Therefore, wallet users should take all precautions including “verifying every character”. Metamask’s support team said wallet users should try to end the practice of copying addresses from their transaction history.
Instead, wallet users should “get in the habit of thoroughly checking every character in an address before sending a transaction.”
What do you think about this story? Let us know what you think in the comments section below.
Image credits:: Shutterstock, Pixabay, Wiki Commons
DisclaimerThis article is for informational purposes only. It is not a direct offer or an offer to buy or sell, or a recommendation or endorsement of any products, services or companies. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the company nor the author shall be liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of any content, products or services mentioned herein.
Comments