Trust Wallet, a leading crypto wallet app used by millions globally, has introduced a new automated security feature designed to combat the widespread crypto scam known as “address poisoning.” According to the company’s announcement, this innovative measure aims to safeguard users before any fraudulent transactions occur.
How Address Poisoning Scams Target Crypto Users
Address poisoning typically involves attackers sending a negligible amount of worthless tokens from a wallet address that looks almost identical to the legitimate one, with only minor differences hidden in the string of characters. These fake addresses are crafted so their beginning and end match the real address, making subtle alterations in the middle that are often overlooked by even experienced users.
Victims are tricked when they want to transfer funds and mistakenly copy this near-identical address from their past transactions, believing it to be their own or a trusted one. As a result, they end up sending large sums to the scammer, with no means to reverse the transaction—a painful lesson given the irreversible nature of blockchain transfers.
Cybersecurity company Cyvers has found that over a million address poisoning attempts occur daily on the Ethereum network alone. Trust Wallet’s own data indicates that as many as 34,000 of these attacks succeed every hour across the ecosystem. These figures indicate that address poisoning is not a rare event but has become an industrial-scale operation in the crypto sphere.
Trust Wallet’s Security Feature: How It Works
Trust Wallet’s new Address Poisoning Protection system operates automatically within its mobile app, supporting real-time scanning over 32 EVM-compatible blockchains. Whenever a user enters or copies a recipient’s address, the app checks the input against a database of known malicious addresses maintained by Web3 security firm HashDit in partnership with Binance Security.
If a suspicious match appears, Trust Wallet visually compares both addresses side-by-side, highlighting any differences between the strings. This approach helps users easily spot discrepancies in characters they might otherwise miss, giving them a clear warning before confirming a potentially costly transfer to the wrong address.
The new protection works automatically for all outgoing transactions, requiring no manual intervention or configuration from users, and is enabled by default to maximize coverage and effectiveness.
Scale of Attacks and Plans for Broader Coverage
One key reason behind the rapid proliferation of address poisoning scams is the straightforward, low-cost nature of the attack. Criminals exploit the common habit of copying wallet addresses, all while remaining virtually untraceable with simple on-chain actions. A single mistake by a high-value wallet owner can quickly yield substantial gains for scammers.
The relentless frequency of these attacks—tens of thousands every hour—demonstrates this scam’s profitability and persistence. Even if most attempts fail, the negligible cost per attack means a lone successful theft easily offsets the expense of thousands of failed tries.
Trust Wallet representatives stated that the new protective feature currently covers only EVM-compatible networks. However, they also confirmed plans to extend support to blockchains like Solana and Tron, which have different address structures. No timeline has yet been announced for desktop compatibility.
