Ledger has issued a warning about a scam known as “address poisoning” targeting cryptocurrency users.
Address poisoning involves scammers sending a small amount of crypto or an NFT disguised as a voucher to a user’s wallet. The objective is to trick users into copying the scammer’s wallet address from their transaction history and returning the voucher. This action inadvertently sends funds to the scam account instead of a legitimate one.
“These dummy transactions are meant to deceive you into believing that you sent funds to their address in the past – but unless you initiate a transaction to one of these addresses on your own and sign the transaction with your Ledger, no value will actually be transferred from your account,” Ledger tweeted.
Scammers often use open-source software to create addresses similar to those of Ledger users. These addresses typically mimic the first and last few characters of legitimate addresses to trick users into sending assets to the scam account.
The scam has been particularly prevalent among users of Ledger Live, a popular crypto wallet management tool.
How to Avoid Address Poisoning Scams
If there are concerns that a wallet may be compromised or if a suspicious transaction is noticed, it’s best to disregard or ignore the transaction and the associated addresses.
Practical Tips to Stay Safe:
- Avoid interacting with suspicious tokens and NFTs sent to you. Instead, right-click on the NFT/token and select ‘Hide Token/NFT Collection’ to hide the suspicious asset from view.
- Be cautious of malicious links in a wallet that could lead to scam websites attempting to trick users into sharing sensitive information or authorizing harmful transactions.
- Do not share or type out your 24-word recovery phrase under any circumstances.
- Only sign transactions that you have initiated yourself and are sure of their legitimacy.
Clicking on or following a link in a malicious NFT is insufficient to jeopardize a wallet. The only potential risks to wallets include sharing or typing out a 24-word recovery phrase or signing a malicious transaction with a Ledger device.
It’s always best to avoid engaging with any unwanted tokens or addresses. Ledger advises users to right-click and ‘hide’ the token to remove it from visual sight.
Stay informed and protect your investments by following the latest updates and news on Global Crypto News.