Crypto Investor Falls for “Contaminated Address” Scam Twice in One Day, Loses Millions

A cryptocurrency investor learned a harsh lesson about vigilance this week, falling victim to a sophisticated scam not once, but twice, on the same day. The unfortunate individual lost a staggering total of over $2.8 million, with the first instance costing approximately $843,166 and the second a further $1.7 million.

The scam, known as a “contaminated address” attack, preys on investors’ complacency and the similarity of cryptocurrency addresses. While some wallets offer limited protection, the ultimate responsibility lies with the user to verify transaction details.

How the Scam Works

The perpetrators send a small transaction from an address that closely resembles one frequently used by the victim, such as a deposit address for an exchange. The victim, without carefully checking all the digits, then copies the fraudulent address from their transaction history when making a new transfer.

Consequently, the cryptocurrency is sent to the scammers’ address instead of the intended recipient. This type of attack has proven successful in the past, with other investors losing even larger sums.

“This incident highlights the importance of extreme caution when dealing with cryptocurrency transactions.”

In the past, one investor lost an astounding $72 million to this scam, and another lost $146 million months later. This demonstrates that even experienced investors are vulnerable.

Details of the Recent Attack

The recent incident was detected by Scam Sniffer, a cryptocurrency scam detection and prevention service. While falling for this type of scam isn’t uncommon, the fact that the victim repeated the mistake is particularly noteworthy.

Scam Sniffer reported the initial loss, stating, “A victim lost $843,166 by copying the wrong address from a contaminated transfer history.” They followed up shortly after, adding, “ALERT: The same victim sent another $1.7 million to the wrong address again.”

The scammers’ tactic is evident when examining block explorers. Both the legitimate address and the fraudulent one share the same beginning and end.

  • 0x4668D1Fe87444a4d7508e83c89bfDAF1117e6B76 → Correct Address
  • 0x4668EE748c88DA4FEc595773b22f96f366eD6B76 → Scammers’ Address

Many wallets and exchanges only display the first and last few characters of an address, such as 0x4668…6B76. This practice can mislead even seasoned investors who typically only verify the beginning and end of an address.

While this design choice may partially excuse the victim’s error, the primary mistake was copying an address from their transaction history. Scammers exploit both inattention and laziness by sending small amounts from similar addresses, making this a cost-effective and scalable attack.

Protect Yourself

The key takeaway is to always exercise caution and double-check every character of the address before sending cryptocurrency. Never copy addresses from your transaction history.


Stay ahead of the curve in the fast-paced crypto world – explore the latest updates and trends at Cryptonewsfeeds.com.
© Copyright 2025 Crypto News Feeds