Address poisoning is a scam designed to trick users into sending crypto to the wrong wallet address.

The attack usually works by placing a fake but familiar-looking address into a wallet’s transaction history. Later, when the user wants to send funds, they copy that address by mistake and send real assets to the attacker.

The scam usually does not attack the smart contract or the wallet itself. It attacks user habit, speed, and limited attention.

Address poisoning is a type of crypto scam in which an attacker creates a wallet address that visually resembles a real address the victim has used before.

The attacker then sends a very small transaction, a dust transfer, or a spam token interaction so the fake address appears in the victim’s wallet history.

The goal is to make the wrong address feel familiar. When the victim later checks recent activity and copies an address from that history, they may copy the attacker’s address instead of the real one.

That is the practical answer to what is address poisoning. It is not about taking control of a wallet directly. It is about planting a deceptive address where a user may later trust it by mistake.

A typical address poisoning attack is simple and inexpensive to run.

First, the attacker creates a lookalike address. They may generate many addresses until one has a similar beginning or ending to an address the victim has used before.

Since wallets often shorten addresses on screen, partial visual similarity can be enough.

Next, the attacker sends a tiny transaction or spam token transfer. The amount is usually negligible. The purpose is not to transfer value. The purpose is to gain visibility.

Once that happens, the fake address may appear in the victim’s wallet history, transaction list, or recent activity feed. The scam succeeds only if the user later copies that address without checking carefully and then sends real funds to the attacker.

Address poisoning works because most people do not verify long wallet addresses carefully every time.

Crypto addresses are hard to read and easy to skim. Many users rely on quick visual pattern matching. They check the first few characters, the last few characters, or the general shape of the address and assume it is the same one they used before.

Wallet interfaces can make this worse. Many wallets shorten addresses for readability, and repeated exposure inside the activity feed creates false confidence. Familiarity starts to feel like proof, even though it is not.

That is why address poisoning is mainly a UX and human-factor attack, not a cryptographic one.

Many users misunderstand the threat.

In most cases, an attacker cannot steal funds directly just by sending a poison transaction to a wallet. Receiving a dust transfer or a spam token does not usually mean the wallet itself has been hacked.

The danger comes later, when the user copies the poisoned address and uses it as the destination for a new transfer.

That is when funds can actually be lost. The scam succeeds through confusion, not through automatic wallet compromise.

The security model is:

1. the poison transaction is usually a setup step;
2. that setup creates a misleading address trail;
3. the actual loss happens only if the user later sends funds to the fake address.

The best defense is disciplined address handling.

Never copy a destination address from transaction history alone. History can be polluted, and a recent address is not automatically a trusted one.

Always verify the full address before sending. Checking only a few characters is better than checking nothing, but full verification is safer, especially for important transfers.

Use an address book if the wallet supports it. A saved trusted recipient is usually safer than a raw address pulled from recent activity.

Be extra careful with repeated transfers. Address poisoning works partly because users become less careful during routine actions. The “I’ve sent here before” mindset is exactly what the attacker wants.

Treat unexpected token transfers or dust transactions as suspicious. Not every unexpected inbound transaction is dangerous by itself, but it should never become a trusted reference point.

For meaningful amounts, slow down even more: verify the destination from the original source, compare it with a saved contact, and when appropriate send a small test transaction first.

Users carry most of the risk today, but wallets and platforms can reduce it.

A safer product can help by:

• labeling suspicious inbound spam or dust activity more clearly;
• making trusted address books easier to use;
• warning users about lookalike addresses;
• reducing reliance on heavily truncated address displays in critical flows.

Wallets do not all behave the same way, and different chains expose different transaction patterns. Even so, product design matters. A safer interface reduces the chance that users mistake familiarity for legitimacy.

“Someone sent me a token, so my wallet is hacked.” Usually not. A poison transaction or spam token transfer does not by itself mean the attacker has access to the wallet. The real risk is a misdirected future transfer.

“If a wallet shows the address in history, it must be safe.” No. History shows what happened, not what is trustworthy. Attackers know that and exploit it.

“Matching the first and last characters is always enough.” Not always. It is better than checking nothing, but it is still a shortcut. Full verification is safer, especially for important transfers.

“Address poisoning steals funds automatically.” Usually not. The scam works only if the user later sends funds to the wrong address.

• Open Set Up StarKey Wallet if you want a safer wallet setup before using ElyxS.
• Open Smart Contracts if you want to see why address poisoning is a user-side transfer risk rather than a compromise of the protocol’s on-chain logic.
• Open Frequently Asked Questions if you want shorter applied guidance about wallets, transfers, and safer platform usage.

The simplest answer to what is address poisoning is this: it is a cheap and effective scam that makes a fake wallet address look familiar enough that a user copies it and sends funds to the wrong place.

It works because of human behavior, interface design, and routine wallet habits, not because cryptography itself is broken.

The best defense is boring and effective: do not trust transaction history as a source of truth, verify destination addresses carefully, use saved trusted contacts where possible, and slow down before sending funds.

Address poisoning is a scam that places a fake lookalike address in wallet history. The attacker usually cannot steal funds just by sending a small inbound transaction. The real risk appears if the user later copies that fake address and sends funds to it. Transaction history should never be treated as a trusted source for destination addresses. * Full address verification, saved contacts, and extra caution for meaningful transfers reduce the risk sharply.