Ledger recently took to X to expose a scam known as “address poisoning” that targets crypto users. This scam involves scammers 'poisoning' a user's wallet by sending a small amount of crypto or an NFT disguised as a voucher. The goal is to trick users into copying the scammer’s wallet address from their transaction history and inadvertently sending funds to the scam account.
“These dummy transactions are designed to deceive you into thinking you sent funds to their address previously,” Ledger tweeted. “However, unless you initiate and sign a transaction to one of these addresses with your Ledger, no value will be transferred from your account.”
Scammers use open-source software to create addresses that resemble Ledger addresses, often mimicking the first and last few characters to deceive users into sending them assets. This scam has become particularly common among users of Ledger Live, a crypto wallet management tool.
How to Avoid the Scam
If you suspect your wallet may be compromised or notice a suspicious transaction, it’s best to ignore the transaction and the associated addresses. Simply clicking on or following a link in a malicious NFT is not enough to compromise your wallet. The primary risks include sharing or typing out your 24-word recovery phrase or signing a malicious transaction with your Ledger device.
To protect yourself, avoid interacting with any unwanted tokens or addresses. Ledger advises users to right-click and ‘hide’ the token to remove it from view. Additionally, always be cautious of malicious links that could lead to scam websites attempting to trick you into sharing sensitive information or authorizing harmful transactions.
By following these precautions, you can safeguard your crypto assets from address poisoning and other related scams.