Since early this year, many users have reported "address phishing" attacks. Scammers exploit users’ habit of copying wallet addresses from transaction records by generating fake addresses with the same last characters as commonly used ones. They insert these fake addresses into users’ transaction histories via small transfers, misleading them into unknowingly sending funds to the wrong address.
This scam is more common on TRON and BSC networks. We previously analyzed its emergence in our article "Addresses with the Same Last Characters." Recently, it has spread to the Bitcoin network.
Kelly, an active crypto investor, often copies wallet addresses from transaction records to avoid input errors. One day, he received a 0.000006 BTC transfer and noticed the sender’s address closely resembled his friend’s (e.g., his friend’s address: 3GUQp29...N85zrC, the scammer’s address: 3GU5xLM...zs5zrC).
(Phishing transfers to wallet addresses with the same last characters)
A few days later, Kelly needed to send 1 BTC to his friend. He copied the address from his transaction record and completed the transfer. However, his friend never received the funds.
Upon reviewing the transaction, Kelly realized he had mistakenly sent the BTC to an unfamiliar address—the same scammer who had previously sent him a small transfer. By inserting their phishing address into his transaction history, the scammer tricked Kelly into thinking it was his friend’s. As a result, Kelly lost 1 BTC, and due to blockchain’s immutability and anonymity, recovery was nearly impossible.
To prevent phishing address attacks, imToken recommends using the address book to save frequently used addresses, reducing the risk of transferring funds to the wrong address.
Set up your address book
Open imToken and click “My Profile” - “Address Book”. Then, click the “+” icon at the top right corner to add addresses.
Make transactions with the address book
Select the token and click "Send" to access the transfer page. Click the icon on the right to open the address book and choose the saved address. Enter the amount, review the details, then click "Next" and enter your password to complete the transfer.
PSA:
- Use the Address Book: Save frequently used addresses in imToken to avoid transferring to the wrong address. Minimize manual entry and always prioritize selecting saved addresses.
- Double-Check Addresses: Before every transfer, verify the entire recipient address character by character—don’t rely on just the last few characters.
- Beware of Small Transfers: If you receive tiny transfers from unknown sources, especially from unfamiliar addresses, stay cautious and avoid copying or interacting with them.
imToken Is Always Protecting Your Token Security
In November, imToken marked a total of 13532 risky tokens, banned 637 risky DApp websites and marked 1215 risky addresses.
In addition, if you find any suspiciously risky tokens or DApps, please contact us: support@token.im to help more users avoid token losses.
Closing Thoughts
Scams are constantly evolving, it is indeed challenging for average users to fully prevent them. imToken is committed to rapidly detecting issues and finding solutions, providing timely messages to the community, and educating users about various types of scams to protect them from losses.
We encourage you to read and share imToken Wallet Security Monthly Report and join hands with imToken to safeguard your token security.