Why address poisoning works without stealing keys 🔐

February 19, 2026

What address poisoning is

Address poisoning is an attack not on your wallet, but on your attention. The scammer makes sure an address that looks like a familiar one appears in your transaction history. Then they rely on a common habit: you copy an address from your history or recent transactions and send funds. But you accidentally pick the wrong address. 

The key point is that no one steals your keys. You confirm the transaction yourself in your wallet, just to the wrong recipient.

How it works

Usually the scheme is simple:

  • the scammer sends a small transfer to your wallet so their address shows up in your history
  • the address looks very similar to one you’ve used before or see often
  • next time you make a transfer, you grab the address from history and make a mistake
  • the money goes to the scammer because the transaction is correctly signed by you

This is especially dangerous when the app shows an abbreviated address, only the beginning and the end. Your eye sees a match and your brain trusts it automatically.

Why it works without access to your keys

An attacker would need your private keys only to sign transactions in your place. In this case, the scammer doesn’t sign anything. They only create “noise” in your history so you choose the wrong address yourself. For the blockchain it’s a normal transfer, so cancelling it is almost always impossible.

How not to fall for it

The best protection is discipline:

  • don’t copy addresses from your transaction history
  • verify the full address, not just the first and last characters
  • for important addresses, use contacts or a whitelist, if available
  • for large amounts, do a small test transfer first
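
The full-address and whitelist checks from the list above, as an added example (not code from any wallet or from this article's author). It assumes hex-style addresses where letter case is not significant and an abbreviated view of 6 leading and 4 trailing characters; all addresses and function names are constructed for illustration.

```python
# Added example. Addresses below are constructed, not real accounts.
PREFIX_LEN = 6  # assumption: characters an abbreviated view shows at the start
SUFFIX_LEN = 4  # assumption: characters it shows at the end

def normalize(addr):
    """Trim and lower-case so comparison ignores display casing (hex-style assumption)."""
    return addr.strip().lower()

def abbreviated(addr):
    """What a wallet UI that shortens addresses would display."""
    a = normalize(addr)
    return f"{a[:PREFIX_LEN]}...{a[-SUFFIX_LEN:]}"

def check_recipient(candidate, allowlist):
    """Classify a recipient as trusted, lookalike or unknown.

    trusted   - every character matches an allowlisted address
    lookalike - only the abbreviated form matches: the poisoning pattern
    unknown   - no relation to any allowlisted address
    """
    cand = normalize(candidate)
    for label, known in allowlist.items():
        if cand == normalize(known):
            return ("trusted", label)
    for label, known in allowlist.items():
        if abbreviated(cand) == abbreviated(known):
            return ("lookalike", label)
    return ("unknown", None)

def flag_history(history, allowlist):
    """Return history entries that imitate an allowlisted address."""
    return [a for a in history if check_recipient(a, allowlist)[0] == "lookalike"]

KNOWN = "0x1111aaaa2222bbbb3333cccc4444dddd5555eeee"      # constructed
LOOKALIKE = "0x11119999000077776666888800001234abcdeeee"  # constructed, same ends
UNRELATED = "0x9999aaaa2222bbbb3333cccc4444dddd5555ffff"  # constructed
ALLOWLIST = {"exchange deposit": KNOWN}
HISTORY = [KNOWN, LOOKALIKE, UNRELATED]

if __name__ == "__main__":
    for addr in HISTORY:
        status, label = check_recipient(addr, ALLOWLIST)
        print(f"{abbreviated(addr)}  {status:9}  {label or '-'}")
```

The first two history entries print the same abbreviated form, and only the full comparison separates them.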

If you already sent it to the wrong address

In most cases, you won’t be able to get the funds back. But if the transfer was made through an exchange or a service with support, you should contact support immediately and provide the transaction details. From there, it depends on the platform and the situation.