A victim just lost over $101K USDT by sending funds to a fake address, spoofed within the transaction history by scammers.

Victim:
0xff275bdd99c64c02e305504eaa36a6e9d90b20b4

📚 How Does the Attack Work?

The scammer sends "dust" or a worthless token to your wallet from an address that looks very similar to the one you frequently send funds to. The attacker deliberately chooses an address with the same beginning and end as your usual recipient's address (for example, an exchange). As a result, when copying the address from the transaction history, the user is highly likely to select the fake one.

📚 Why is the Attack Effective?

The fact is that users often:

🔹 Copy addresses from history in blockchain explorers (e.g., Etherscan);  
🔹 Make a test transaction, which only reinforces the fake address in their history;  
🔹 Do not use built-in protective tools in wallets, such as an address book.

Once again. How transaction history poisoning works:

1. Scammer sends fake/dust transfer with similar address;
2. Their fake address appears in your history;
3. You copy address from history thinking it's legitimate;
4. Funds get sent to scammer instead.

How to stay protected:

1. Always double-check the addresses you're sending funds to;
2. Never copy addresses from transaction histories;
3. Use a wallet that supports whitelisting or bookmarks.