Sending crypto is supposed to be simple. You copy a wallet address, paste it, confirm, and move on. But for many users in January, that one routine step turned into an expensive mistake.
Address poisoning scams, a quiet but highly effective attack method, drained tens of millions of dollars as attackers took advantage of speed, habit, and inattention. As crypto usage grows and transactions become cheaper, these scams are spreading faster and hitting harder.
Ogbonda Chivumnovu
How Address Poisoning Works
Address poisoning relies on familiarity and repetition. Scammers send tiny transactions from wallet addresses that look almost identical to ones a user has interacted with before. The first and last characters match, while the middle is slightly different. When users later copy an address from their transaction history without checking closely, they may unknowingly send funds to the attacker instead.
In January, one victim lost $12.2 million after copying a poisoned address, according to a blockchain security firm Scam Sniffer. That single mistake mirrored a similar attack in December that led to nearly $50 million in losses, showing how damaging this tactic has become.
Someone lost $12.25M in January by copying the wrong address from their transaction history. In December, another victim lost $50M the same way.
— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 8, 2026
Two victims. $62M gone.
Signature phishing also surged — $6.27M stolen across 4,741 victims (+207% vs Dec).
Top cases:
· $3.02M —… pic.twitter.com/7D5ynInRrb
The post on X said, “Someone lost $12.25M in January by copying the wrong address from their transaction history. In December, another victim lost $50M the same way.”
At the same time, signature phishing attacks also surged. These scams don’t rely on fake addresses but on tricking users into approving harmful transactions. Victims are often asked to sign what looks like a normal request, but the signature quietly gives attackers permission to move funds or drain tokens later. Scam Sniffer estimates that $6.27 million was stolen through signature phishing in January alone, affecting thousands of wallets. A small number of attacker wallets were responsible for most of the losses, suggesting these scams are becoming more organized and efficient.
Lower transaction fees have played a role in this surge. After Ethereum’s Fusaka upgrade in December reduced costs, attackers were able to send large numbers of small transactions cheaply. This made address poisoning campaigns easier to run at scale. With less friction and more automation, scammers can now target far more wallets while spending very little themselves. As crypto becomes faster and cheaper for users, it has also become faster and cheaper for attackers.
Security firms continue to warn that these scams are unlikely to slow down anytime soon. The problem is not just technical but behavioral. Crypto systems are unforgiving, and once funds are sent, they are usually gone for good. As attackers refine their methods, the responsibility increasingly falls on users to slow down and double-check every step, even when the process feels routine.
Jemi Motesho
