<- Back to all blog posts

[Security Digest] Address Poisoning Attack on Crypto Wallets

January 31, 2023

Are you searching for a way to enhance your organization's security awareness training? Look no further than Haekka! Schedule a demo with us to discover how we can help you reduce costs by 75% while boosting employee satisfaction with our training by 81%.
Schedule a demo

🏃 🏃 Phishing is a prevalent tactic employed by cybercriminals, where they impersonate legitimate entities such as individuals or organizations, by creating fake email addresses and website addresses. The aim is to deceive victims into believing that they are interacting with people or companies they trust, thereby gaining access to sensitive information or assets. It is important to be vigilant and verify the authenticity of any email or website before providing sensitive information or accessing assets, as this is a very common method used by attackers.

👉 Attackers are now using the same techniques with cryptocurrency wallet addresses. This is how it works:

• Attackers check the public blockchain for recent transactions. Each transaction has a sending and receiving wallet address.
• Attackers create a fake wallet address similar to one of the addresses in a transaction.
• Attackers then send a very small amount of cryptocurrency to the other address in the transaction.
• Attackers use phishing tactics to deceive victims into sending cryptocurrency to a malicious address that closely mimics a legitimate one. They send a small transaction to the victim's wallet, and the fake address appears in their transaction history. The attackers then wait for the victim to mistakenly send cryptocurrency to the fake address, similar to how phishing emails trick individuals into responding to a fraudulent email address.

🤔 It's crucial to exercise caution when handling sensitive information online. To protect yourself from phishing scams, it is important to verify the authenticity of website addresses before clicking on them, particularly in emails. Additionally, it is essential to double-check email addresses before sending any sensitive information. It's easy to overlook small variations in an address, such as a single altered letter or number, but these small differences can make a big impact on the safety of your information.

----

Want to subscribe your team to weekly posts like this in Slack? Check out Heakka Streams. All Streams are 100% customizable by admins before they are sent to your team.

Schedule a demo

Start delivering training via Slack today.

Get started with a free trial by scheduling a demo today. One of our training experts will walk you through a live Haekka demo.

Excellent! We received your demo request. You should be redirected to our scheduling system. If you ran into an issue, please contact us.
Hmm. Something went wrong while submitting your form.
Please refresh and try again.