- MetaMask informed the community about what they defined as an “address poisoning scam” which seeks to take advantage of user carelessness to divert funds to criminals’ wallets.
- Through “vanity address generators,” criminals mimic the addresses of their victims and can receive the funds that users want to send from their wallets by using a mimic address.
As the crypto ecosystem has expanded, criminals have gained greater incentives to develop strategies that allow them to get money from users. In the end, this is a market with a capitalization of US$883 billion.
In this context, the entire crypto industry must always be aware of the latest strategies and how to prevent falling into the clutches of criminals.
On January 11, the official MetaMask Twitter account informed the community about what they defined as an “address poisoning scam”. In itself, this new strategy seeks to take advantage of user carelessness to divert funds to criminals’ wallets and since the number of victims has increased, MetaMask has decided to issue a warning.
In the Twitter thread posted by MetaMask explains that criminals are poisoning users’ transaction histories by sending them $0 worth of tokens to their wallets.
The issue is that the address they use to send these tokens is obtained from “vanity address generators”. A vanity address is a personalized cryptocurrency address that has been created by meeting a series of parameters. Their goal itself is to create wallet addresses that are more personal and therefore easily identifiable.
Nevertheless, Criminals have taken advantage of this tool with the aim of matching the first and last characters of their victim’s cryptocurrency address.
Thus, if your victim has gotten into the habit of copying your wallet address from transaction history, they could potentially be sending their funds to a fake address.
So no, with this strategy criminals do not gain access to users’ wallets. However, yes can receive the funds that users want to send from their wallet by using a fake address.
How to prevent falling for this scam? Well, checking at least twice the cryptocurrency addresses to which you want to send the funds before doing the operation. It is necessary to check each character of the address! Only in this way can users be sure that they are sending the funds to the correct address.
Verify each data of our crypto address
A cryptocurrency address is an alphanumeric code that indicates a destination for a payment of a certain cryptocurrency. This can be compared to an account number in a traditional bank.
Just like in a bank, a person must know exactly which cryptocurrency address they want to send a certain amount of crypto to.
However, unlike a bank account number, cryptocurrency addresses are often difficult to memorize because they use a set of numbers and letters, which can range from lowercase to uppercase. Likewise, the length varies between 26 and 32 characters.
But, also, unlike a bank account, transactions on the blockchain are not reversible, therefore, any error in the wallet address to which the cryptocurrencies are sent will probably result in the permanent loss of the funds.
Many users tend to copy and paste a wallet address when they want to send funds; they only check that the first and last characters match the address to which they want to perform the operation. However, now users will have to be more careful than that.
You might be interested in: