Trust Wallet has introduced a new address-poisoning protection feature that prevents crypto users from falling for address-poisoning attacks.

 

According to the company, this new feature automatically checks the destination address against a database of known scam and lookalike addresses to prevent malicious transactions. Because the feature runs automatically, users will receive real-time warnings if a risk is detected.

 

For now, the feature will be supported on 32 Ethereum Virtual Machine (EVM) chains, including Ethereum, BNB Smart Chain, Polygon, Optimism, Arbitrum, Avalanche, and Base.

 

The Menace of Address Poisoning

Address poisoning is a phishing-style attack in which scammers trick users into sending cryptocurrency to the wrong wallet address, usually one that closely resembles a legitimate address. 

 

Here’s how address poisoning works:

• A scammer generates a look-alike wallet address, typically one that shares the same first and last characters as a legitimate address.
• The attacker then sends a tiny, or “dust,” amount of crypto to an unsuspecting user.
• The fake address subsequently appears in the victim’s transaction history.
• Because crypto transactions are irreversible, the user may mistakenly send funds to the poisoned address, losing them permanently.

 

While address poisoning may not look as sophisticated or complex as other forms of crypto attacks, it has had a long history of success for scammers. 

 

In May 2024, a user accidentally sent 1,155 Wrapped Bitcoin (WBTC) worth approximately $68 million to a fake address. The attacker created a fake address that looked like the legitimate address, and due to lack of proper scrutiny, the user fell for it.

 

While in May 2025, a trader lost $2.6 million after falling for two address poisoning scams, and later that year, another trader lost $50 million in USDT after sending them to a poisoned wallet address.

 

 

Address Poisoning is Just a Numbers Game

Knowing that most crypto users rarely fall for address poisoning scams (roughly 1 success per 10,000 attempts), attackers often rely on scale to succeed. 

 

Between July 2022 and June 2024, over 270 million address poisoning attempts were recorded across the Ethereum and BNB Chain, with 6,633 of these attempts successful, leading to a loss of over $83 million. 

 

In another address poisoning campaign, scammers used 82,031 fake addresses on 2,774 victims. The result? Over $69 million was lost. 

 

And just last year, there were about 32,290 recorded address poisoning attacks in September, which affected over 6,000 victims.