The cryptocurrency wallet Trust Wallet has announced the launch of a new security feature designed to protect users from one of the most common types of fraud in the crypto industry — the so-called address poisoning attack. The new tool has already been integrated into the wallet’s mobile application and will initially operate across 32 EVM-compatible blockchain networks. Developers plan to expand support and add additional networks in the future.
The launch of this mechanism reflects growing concern within the crypto community about fraud. According to analytics firm Chainalysis, cryptocurrency users lost around $17 billion to various scams in 2025. A significant portion of these losses is linked to social engineering, address substitution, and new deception techniques that actively use artificial intelligence.
What address poisoning is
An address poisoning attack is considered a relatively simple but highly effective form of fraud.
The method involves scammers creating a cryptocurrency address that closely resembles a legitimate recipient’s address. In a long string of characters, the difference may consist of only a few letters or numbers, often located in the middle of the address, making the substitution almost invisible to the user.
Scammers then send a small transaction to the victim’s wallet — sometimes worth only a few cents. The goal of the operation is not to transfer funds but to make the fake address appear in the user’s transaction history. Later, when the user needs to send funds to a familiar address, they may simply open the transaction history and copy the address from there. If they mistakenly choose the scammer’s address, the funds will be sent not to the intended recipient but to the attacker.
Because cryptocurrency transactions are irreversible, recovering funds in such cases is almost impossible.
Why this scheme works
Address poisoning exploits one of the key characteristics of cryptocurrencies — long and complex wallet addresses. A typical Ethereum or other EVM network address is a string of 42 characters. Users rarely check every character manually and often focus only on the first and last few symbols.
Scammers deliberately create addresses that match these visible parameters. As a result, they appear almost identical visually. The problem is worsened by the common habit of copying addresses from transaction history. Many users consider such addresses “verified,” even though they may have appeared in the history as part of a fraudulent transaction.
As cryptocurrencies grow in popularity, this scheme has become increasingly widespread. It is used both by individual scammers and organized groups that automate the creation of lookalike addresses and the mass sending of microtransactions.
How the new Trust Wallet protection works
The new Address Poisoning Protection feature was designed to detect such threats before a user confirms a transaction. The system automatically checks the recipient’s address before funds are sent. If the algorithm determines that the address may be suspicious or resembles a known scam address, the application displays a warning. This allows the user to receive a notification before signing the transaction and to verify the details again.
In addition, the tool displays addresses side by side. This makes it possible to visually identify the differences between the original and the suspicious address. Even a single altered character becomes noticeable with such a comparison.
Trust Wallet CEO Felix Fan noted that address poisoning attacks are specifically designed to remain unnoticed. According to him, scammers hide a few modified characters within a long address string, making the substitution easy to overlook. The new alert system is intended to address this problem.
“The threat is almost invisible: a few characters hidden inside a long string that are easy to miss and expensive to ignore. Address Poisoning Protection is our response to this reality: automatic real-time alerts that give users the information they need before they take action,” Fan said.
Use of HashDit and Binance Security data
To improve the system’s accuracy, Trust Wallet uses aggregated data from multiple security sources. In particular, the verification mechanism is integrated with the databases of HashDit and Binance Security. These services collect information about suspicious and fraudulent addresses that have previously been involved in different scam schemes. When a user attempts to send funds, the system compares the recipient’s address with these databases. If a match or a high-risk signal is detected, the application immediately warns the user.
This approach allows the platform to respond quickly to new scam schemes and update threat databases almost in real time.
Why the feature initially works only on EVM networks
At the first stage, the feature will be available across 32 EVM-compatible blockchains. EVM (Ethereum Virtual Machine) is the virtual machine standard used by many popular blockchains, including Ethereum, BNB Chain, Polygon, Arbitrum, and others. These networks share the same address structure, which simplifies the development of a universal security tool.
In the future, Trust Wallet developers plan to expand support and add other blockchain ecosystems.
Real cases of losses caused by address poisoning
Despite the apparent simplicity of the scheme, the financial damage caused by such attacks can be enormous. One recent case occurred when a user mistakenly sent 126,000 TON — about $220,000 — to an address belonging to a scammer. The cause was an address poisoning attack: the victim copied the fake address from their transaction history.
An even larger incident occurred at the end of 2025, when an investor lost about $50 million after sending funds to a fraudulent address. Such cases demonstrate that even experienced cryptocurrency users can become victims of these schemes.
Crypto fraud remains a serious problem
Fraud remains one of the main barriers to the mass adoption of cryptocurrencies. According to Chainalysis estimates, the amount lost to crypto scams reached a record level in 2025 — around $17 billion.
The situation is further complicated by the development of artificial intelligence technologies. Scammers increasingly use AI tools to create more sophisticated social engineering schemes, fake websites, fraudulent support messages, and impersonations of well-known individuals.
Address poisoning is only one of many methods used to deceive users.
A new trend — built-in wallet security
The launch of Address Poisoning Protection reflects a broader trend in the crypto wallet industry. Developers are increasingly integrating built-in security mechanisms directly into application interfaces. This allows users to be warned about potential risks before an irreversible transaction takes place.
Such solutions are becoming an important element of crypto market infrastructure, especially given that many new users do not have deep technical knowledge. As fraud continues to grow, these tools may play a key role in increasing trust in the cryptocurrency ecosystem.
What this means for users
For users, the launch of the new feature means an additional layer of protection when working with cryptocurrencies. Even if a user accidentally copies a suspicious address, the system can warn them about the potential threat before funds are sent.
Although no technology can completely eliminate the risk of fraud, such mechanisms significantly reduce the likelihood of mistakes. As the crypto industry grows and the number of users increases, such tools may become a standard security feature for all cryptocurrency wallets.
And if protection against scams once relied mainly on the users themselves, responsibility is now gradually being shared between people and technology.
All content provided on this website (https://wildinwest.com/) -including attachments, links, or referenced materials — is for informative and entertainment purposes only and should not be considered as financial advice. Third-party materials remain the property of their respective owners.