Ethereum (ETH) users are reportedly experiencing a sharp rise in address-poisoning attacks, with dust-transfer transactions surging.
This escalation follows the December 2025 Fusaka upgrade, which lowered transaction fees. While the upgrade brought benefits to users and developers, attackers are exploiting the reduced costs to send more fraudulent transactions.
How Address Poisoning Exploits Transaction History
Address poisoning is a deceptive attack in which malicious actors create wallet addresses that closely mimic legitimate ones. Attackers then send low-value transactions, known as dust transfers, to targets.
These entries appear in the victim’s transaction history, mixed with genuine transfers, setting a trap for users who do not closely check the details. Ethereum addresses are 42 characters long, so users may only check the first and last sections.
Follow us on X to get the latest news as it happens
Once a poisoned address is logged in the transaction record, a user might copy it for their next transfer, mistakenly sending funds to the scammer’s address.
Dust Transfer Activity Explodes After Ethereum’s Fusaka Upgrade, Etherscan Data Shows
This strategy is not new. Etherscan noted that between July 2022 and June 2024, roughly 17 million poisoning attempts targeted about 1.3 million Ethereum users.
This resulted in at least $79.3 million in confirmed losses. However, Etherscan’s comparison of dust transfer activity across major digital assets reveals a surge following the Fusaka upgrade, based on data spanning 90 days before and after the upgrade.
Dust transfers, micro-transactions falling below $0.01 for stablecoins and under 0.00001 ETH for Ether, exploded across the board. USDT saw the sharpest rise in absolute terms, jumping from roughly 4.2 million dust transfers to nearly 29.9 million, a 612% increase.
USDC followed a similar trajectory, rising from 2.6 million to 14.9 million, a 473% increase. DAI, while smaller in volume, mirrored the trend with transfers surging from around 142,000 to over 811,000, a gain of roughly 470%.
ETH dust transfers also rose, though more modestly in percentage terms. Activity grew from 104.5 million to 169.7 million. This represented an increase of 65.2 million transfers, or about 62%.
“Dust transfers (below $0.01) show a clear surge shortly after the Fusaka upgrade, with activity rising sharply before gradually tapering off while still remaining at an elevated level compared to pre-Fusaka levels. In contrast, transfers above $0.01 remain relatively stable throughout the same period,” Etherscan wrote.
Although the scam’s success rate is about 0.01%, roughly one theft per 10,000 attempts, even a single successful attack can yield substantial rewards, quickly offsetting low costs. This low-cost and high-reward calculation creates ongoing risk.
“It is important to note that not all dust transfers are poison transfers. Dust transfers can also occur as part of legitimate activity, such as token swaps or other small-value interactions between addresses. However, when reviewing dust transfer lists, a large portion of them appear likely to be poisoning attempts,” Etherscan stressed.
Beyond lower fees, address poisoning has also become more prevalent because the operations behind it have grown increasingly industrialized. Attackers also compete with one another.
Multiple groups often target the same address simultaneously, racing to insert their spoofed address into a user’s transaction history first.
How to Protect Yourself
For users looking to avoid falling victim to address poisoning scams, here are five practical tips that may help:
- Never copy addresses from transaction history. Always get them directly from the recipient or a saved contact list.
- Before confirming any transaction, carefully check the entire string character by character, not just a quick glance at the edges.
- Use address whitelisting and labels. Save trusted addresses in your wallet to avoid picking a poisoned lookalike.
- For large or unfamiliar transfers, send a tiny amount first and confirm receipt with the intended party before completing the full transaction. This extra step costs minimal gas but can prevent catastrophic losses.
- Use wallets with scam detection. Enable spam filters that flag or hide suspicious dust transactions.
Subscribe to our YouTube channel to watch leaders and journalists provide expert insights
