Unsuspecting crypto users lost more than $1.6 million to scammers via address poisoning attacks just this week — more than in the entire month of March. 

On Friday, a victim lost 140 Ether (ETH), worth about $636,500, after copying the wrong address from a contaminated transfer history, according to crypto scam prevention platform ScamSniffer. 

“The user basically sent 140 ETH to a lookalike address that had been seeded in the history after a copy-paste mistake,” the team said, adding, “His history is full of poison address attacks, so it was only a matter of time before the trap worked.”

Another victim lost $880,000 worth of crypto to address poisoning on Sunday, while other alerts show one crypto user lost $80,000 and another lost $62,000. 

Compiling the alerts from cybersecurity firms, Cointelegraph found that more than $1.6 million had been lost to scammers through the method since Sunday, more than the entire month of March, which saw $1.2 million lost to address poisoning. 

🚨 Almost a million is lost to an address poisoning scam.@web3_antivirus detected a live address poisoning scheme that drained about $880K in USDT. One wallet had its history poisoned, and the same owner likely retried a stuck transfer from three more wallets, each sending… pic.twitter.com/N8IHy7MkIs

— Cointelegraph (@Cointelegraph) August 12, 2025

Address poisoning relies on mimicking addresses

Address poisoning involves sending small transactions from wallet addresses that resemble legitimate ones, duping users into copying the wrong address when making future transactions.

“Poisoners send small transfers from addresses that mimic a real one, so copying from history becomes a trap,” said Web3 Antivirus, a firm offering blockchain security solutions. 

Related: Jameson Lopp sounds alarm on Bitcoin address poisoning attacks

This leads to “transaction history poisoning,” where the scammer sends a fake transfer with a similar address, appearing in the victim’s transaction history. The victim copies the phony address and sends funds to the scammer, explained ScamSniffer on Friday. 

Malicious signature signing 

In addition to the million-dollar address poisoning thefts, at least $600,000 was lost this week from victims who signed malicious phishing signatures such as “approve,” “increaseAllowance,” and “permit” signatures, according to ScamSniffer. 

On Tuesday, a victim lost $165,000 worth of BLOCK and DOLO tokens after signing malicious signatures, ScamSniffer said. 

“We sound like like a broken record, but it’s worth mentioning again: use an address book or whitelist and verify the FULL address,” before sending, Web3 Antivirus wrote.

Magazine: Altcoin season 2025 is almost here... but the rules have changed