This article describes a new type of scam called address poisoning that targets Ledger users.
- A scammer might send you a very small amount of coins to "poison" your transaction history in Ledger Live.
- The scammer's address might look very similar to your own Ledger address.
- The scammer is now hoping that you'll grab their address from your transaction history by mistake and send them your funds.
- You can protect yourself by always carefully checking your transaction details on your Ledger device.
- You can keep using a poisoned account normally, poisoning an account does not compromise it.
What is address poisoning?
Address poisoning is a type of scam targeting crypto users (including Ledger users). A scammer will first "poison" your account by sending you a very small (sometimes near-zero) amount of crypto (typically USDT, MATIC or TRX) or, in rare cases, an NFT.
That transaction will be recorded in your account's transaction history in Ledger Live. Deceptively, the scammer's own address might look very similar to your own address.
The scammer is now hoping that you will grab their address from your transaction history and send funds to their account by mistake.
How can the scammer's address look so similar to my own address?
Scammers frequently use open-source tools like Profanity to craft addresses designed to look like your own Ledger address.
A sophisticated scammer might be able to craft an address that shares the same first four or five characters and the last four or five characters. This is why checking every character is extremely important when sending or receiving crypto with your Ledger device.
On which blockchain networks is the scam taking place?
Address poisoning can take place on any blockchain. However, cheap blockchains like Polygon, Tron or Binance Smart Chain are frequently targeted because of their cheap transaction fees which make it easy to deploy the scam at scale to thousands of users.
Am I being targeted personally?
No, blockchain networks are public so it's very easy for scammers to sample a very large number of addresses from any block explorer and poison these addresses.
Who paid fees for the transaction that poisoned my account?
The scammer did. The unwanted transaction was paid in full by the scammer who poisoned your account.
Is it safe to keep using the poisoned account?
Yes, you can keep using the poisoned account normally. Poisoning an account does not compromise it. The only way to compromise your account is to disclose your 24-word recovery phrase. Learn more.
Is it safe to keep the coins I received from the scammer
Yes, keeping the unwanted coins is safe. They're just regular coins that cannot compromise your accounts.
How can I protect myself against address poisoning?
While address poisoning cannot be stopped, it can be easily defeated by observing best practices with regard to sending and receiving crypto with your Ledger wallet:
- Receiving crypto: avoid grabbing your deposit address from your transaction history. Instead, always use the Receive button in Ledger Live then carefully check the address displayed in Ledger Live on your Ledger device. The addresses should match exactly. If they are different, immediately abort the transaction and contact support via the Contact us button on this page.
- Sending crypto: also avoid grabbing the destination address from your transaction history in Ledger Live. Before sending your coins out, always carefully verify that the destination address exactly matches the one displayed on your Ledger device. You might need to verify every single character, not just the first and last 4 characters.