What is a dusting attack?

What is Dust?

In the language of crypto, the term dust refers to a very small amount of coins or tokens. If taking bitcoin as an example, the smallest unit of the BTC is 1 satoshi (0.00000001 BTC), so dust could be equal to a few hundred satoshis.

What is a Dusting attack?

A dusting attack is a new type of malicious activity performed by scammers when they send tiny amounts of coins or tokens (dust) to thousands, sometimes even hundreds of thousands of addresses on the network. There are different reasons behind these attacks.

The main purpose of these attacks is to track the transactional data of the wallets sufficiently enough in order to deanonymize the owner of the wallet and perform a targeted phishing attack on the victim to get hold of users’ crypto.

Phishing attack with dust transaction

Another strategy quite often confused with dusting attacks is sending a malicious link included in the memo tag with the dust transaction. In fact, this one is a phishing attack with dust payment and should not be confused with a dusting attack.

This strategy is common for coins that support tag feature, for example, Stellar (XLM) and XRP (XRP). The message included in the memo tag could look like “airdrop invite xlmfree.org”. A user who once followed the link might be scammed either by sending his assets to the unknown address or by sharing his 24-word recovery phrase. It is not recommended to interact in any way with the links included in memo tags for the safety of the funds.

How do scammers know my wallet’s address? 

Since the transactional information on most blockchains is public and available in all chain explorers, there is no difficulty for the scammers to see the transactions on the network. Though they still can see various addresses and amounts of coins sent, they have no information whatsoever about the identity of the address owners.

Should I be worried about receiving dusting transactions?

Dust assets on your wallet don’t give anyone control of your funds. If you encounter a dusting attack, simply ignore it and try not to interact with the “dust”. For coins like Bitcoin and BTC-like, you can use a Coin Control feature in Ledger Live in order to avoid transferring these tiny amounts of coins you received. Another good practice is to use each time different receiving addresses for coins like Bitcoin, Litecoin, Doge, and for all with the same concept of changing addresses.

For phishing attacks with dusting payments that contain a message in memo tag, simply ignore them and do not follow the links whatever they promise.

While it is not possible to avoid dusting transactions on public blockchains, you can remain safe by being careful and taking all the precautions.

Was this article helpful?