-
Address poisoning scams erased $62 million after users copied wallet addresses without full verification during routine transfers.
-
Lower Ethereum fees enabled mass dust attacks making address poisoning cheap, scalable and harder to detect across the network.
-
Signature phishing surged in January causing over $6 million in losses through routine token approval actions.
Ethereum wallet security risks intensified over December and January after two routine transfer mistakes erased $62 million in crypto assets. Blockchain security trackers tied both losses to address poisoning schemes. These scams exploit everyday wallet habits rather than protocol flaws. As transaction fees dropped, simple user actions started carrying much higher financial risk.
Someone lost $12.25M in January by copying the wrong address from their transaction history. In December, another victim lost $50M the same way.
Two victims. $62M gone.
Signature phishing also surged — $6.27M stolen across 4,741 victims (+207% vs Dec).
Top cases:
· $3.02M —… pic.twitter.com/7D5ynInRrb
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 8, 2026
The incidents highlight a growing threat for Ethereum users. Copying addresses without full verification now leads to irreversible losses. Moreover, attackers rely on speed and repetition instead of complex technical exploits. As a result, operational mistakes now rank among Ethereum’s biggest security risks.
Copy Habits Trigger Massive Losses
In December 2025, a user lost about $50 million after copying a fake address from transaction history. The address closely resembled a previously used destination. Consequently, funds moved directly to an attacker controlled wallet.
In January 2026, another user lost roughly $12.25 million, equal to about 4,556 ETH at the time. This transfer followed the same pattern as the earlier incident. Both cases relied on users reusing addresses from past activity without full checks.
These losses show how routine habits expose wallets to major risks. Users often prioritize speed during transfers. However, attackers now depend on that behavior to succeed.
How Address Poisoning Works at Scale
Address poisoning uses vanity addresses designed to resemble real wallet strings. Attackers monitor transactions and identify frequent senders. They then send tiny dust transfers to those wallets.
These near zero value transactions insert fake addresses into transaction histories. Later, copied addresses redirect funds to scammers. As Ethereum fees fell after the Fusaka upgrade, this method became cheap to deploy.
Millions of dust transactions now hit the network daily. Many serve no purpose beyond preparing future thefts. Consequently, address poisoning expanded rapidly across Ethereum. Earlier last year, the EOS blockchain was under attack by malicious actors using an address-poisoning scheme.
Network Data Distortion and Organized Campaigns
Security researchers report that poisoning activity now distorts Ethereum usage data. Rising transaction counts increasingly reflect spam rather than genuine demand. This shift complicates network analysis.
Coin Metrics reviewed 227 million stablecoin balance updates between November and January. The firm found 38% of updates carried values below one cent. This pattern strongly points to poisoning deposits.
Today, stablecoin dust accounts for 11% of Ethereum transactions on average days. It also represents 26% of active addresses. Investigations link many campaigns to organized groups reusing infrastructure across thousands of wallets.
Signature Phishing Adds to Losses
Alongside poisoning, signature based phishing increased sharply in January. ScamSniffer recorded $6.27 million stolen across 4,741 victims during the month. This marked a 207% increase compared with December. Additionally, WLFI also confirmed that attackers accessed some user wallets through phishing and third-party lapses before its platform launched in November.
Two wallets alone caused about 65% of total losses. Major cases included $3.02 million stolen from SLVon and XAUt tokens. Another $1.08 million came from aEthLBTC through malicious approvals. These scams rely on routine looking transaction prompts. Once approved, attackers gain long term token access.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Bitcoin and Ethereum ETFs Record Daily Outflows While Maintaining Weekly Gains
Gate News bot message, according to the March 6 update, Bitcoin ETFs recorded a daily net outflow of 1,697 BTC (valued at $116.94 million), while maintaining a 7-day net inflow of 13,014 BTC (valued at $896.69 million). Ethereum ETFs showed a daily net outflow of 3,185 ETH (valued at $6.34 million),
GateNews26m ago
"Brother Maqi" deposits $210,000 into HyperLiquid to increase ETH long position by more than 25 times
Gate News Report, March 6, according to Onchain Lens monitoring, "Big Brother MaJie" deposited $210,000 USDC into HyperLiquid to increase his ETH 25x long position. Previously, as the market declined, "Big Brother MaJie" had closed most of his positions at a loss, and his unrealized loss has now exceeded $29.7 million.
GateNews36m ago
ETH drops below 2000 USDT, 24H decline of 5.68%
Gate News Report, March 6th, according to data from a certain CEX market, ETH dropped below 2000 USDT, currently at 1999.87 USDT, down 5.68% in the past 24 hours.
GateNews1h ago
Short-selling firm Culper releases bearish report on Ethereum: Fusaka upgrade disrupts ETH token economics
Aggressive short-selling firm Culper Research has released a report bearish on Ethereum (ETH), believing that the Fusaka upgrade in 2025 will cause structural damage to ETH's token economy. The report points out that a significant decrease in Gas fees has led to increased address pollution attacks and reduced validator rewards, and emphasizes that Ethereum is facing competitive pressure from Solana and L2 solutions. Culper believes that ETH's value capture ability is declining and has started shorting ETH.
ChainNewsAbmedia2h ago
ETH drops below 2000 USDT
Gate News bot message, Gate market display, ETH drops below 2000 USDT, current price 1998.74 USDT.
CryptoRadar2h ago
ETH 15-minute sharp decline of 1.53%: Large investors' short-term profit-taking and ETF capital outflows resonate, triggering a significant drop
From 13:45 to 14:00 on March 6, 2026 (UTC), ETH experienced a significant fluctuation, with a short-term decline of 1.53%. The price fluctuated sharply between 2019.21 and 2051.26 USDT, with an amplitude of 1.56%. High-frequency sell orders surged, market attention spiked, trading volume increased, and the divergence between bulls and bears intensified. Market sentiment became more cautious.
The main driving force behind this fluctuation was large investors and whale accounts reducing their positions after a short-term rebound, leading to a rapid release of large sell orders and triggering short-term selling pressure in the market. On the ETF front, holdings
GateNews2h ago
