In a stark reminder of how deceptive crypto scams have become, a wallet just lost over $1.25 million in USDT to an address poisoning attack, according to @web3_antivirus. The victim unknowingly sent the funds to a fake address that perfectly mimicked one they had interacted with 99 days earlier.
Address poisoning attacks work by creating lookalike wallet addresses—often differing by just a few characters. Attackers send small, meaningless transactions to a victim’s wallet using these spoofed addresses, hoping the victim will later copy and paste the wrong address during a real transfer.
Unfortunately, that’s exactly what happened here. The attacker patiently waited, capitalizing on the user’s trust in their previous transaction history.
A wallet just lost over $1.25M in $USDT after sending funds to a poisoned address that perfectly mimicked a real one used 99 days earlier, according to @web3_antivirus.
— Cointelegraph (@Cointelegraph) November 3, 2025
Address poisoning scams remain one of the stealthiest ways attackers drain wallets.
[Brought to you by… pic.twitter.com/uZ6iDZz4Xp
Why Address Poisoning Works So Well
These scams are difficult to catch because:
- •Addresses look nearly identical — just a few characters off.
- •Wallet interfaces often auto-fill or suggest recent addresses.
- •No alerts are triggered, as the transaction appears normal.
Unlike phishing or smart contract hacks, address poisoning requires no malware or approvals, making it one of the stealthiest attack vectors in Web3.
How to Stay Safe from These Scams
To avoid falling victim:
- •Double-check full wallet addresses before sending.
- •Use trusted address books or domain services (like ENS).
- •Avoid copying addresses from transaction history unless verified.
- •Consider using wallet security tools like @web3_antivirus, which flag suspicious activity and known scams.
As this latest case shows, even a small oversight can lead to devastating losses in crypto. Vigilance is your best defense.