Changpeng Zhao (CZ), the co-founder of Binance, has called on blockchain explorers to implement proactive measures against the growing threat of address poisoning attacks. In a recent statement on X (formerly Twitter), Zhao argued that these platforms should directly filter out spam transactions instead of displaying them to users. According to CZ, the technical implementation of such filters is relatively straightforward and would significantly reduce the risk of users accidentally copying fraudulent addresses from their transaction history.
The Mechanism of Address Poisoning
Address poisoning is a sophisticated social engineering tactic where attackers use automated bots to monitor active wallets. Once a legitimate transfer is detected, the bot generates a vanity address that mimics the first and last characters of the original recipient's address. The attacker then sends a "dust" transaction—a transfer of negligible value—to the victim's wallet.
This tactic aims to "pollute" the user's transaction log, tricking them into copying the attacker's lookalike address for future high-value transfers.
Recent data highlights the severity of this issue:
- Ethereum address poisoning attempts surged by 612% following the Fusaka upgrade on December 3, 2025.
- Between 2022 and 2024, approximately 17 million poisoning attempts targeted 1.3 million users, resulting in confirmed losses exceeding $79 million.
- In early 2026, address poisoning scams cost Ethereum users an estimated $62 million in just two months.
Industry Standards and Future AI Integration
Zhao noted that several wallet applications, including Trust Wallet and Binance Wallet, have already integrated similar spam-filtering functionalities. These tools work by identifying zero-value or suspicious micro-transactions and hiding them from the user interface. While CZ acknowledged that such filtering might impact legitimate micropayments between AI agents in the future, he emphasized that AI technology could eventually be utilized to differentiate between genuine traffic and malicious spam.
Block explorers should filter these spam transactions by default. It is technically easy to do and would protect users from copying the wrong addresses.
Etherscan has also issued warnings regarding the increasing automation of these attacks. The platform recently introduced an Address Highlight feature to help users visually distinguish between similar-looking addresses. However, experts continue to recommend that users manually verify every character of a recipient's address and utilize the Ethereum Name Service (ENS) or private name tags to ensure security.
The call for enhanced filtering comes as Ethereum network activity reaches record highs, making it increasingly difficult for manual oversight to keep pace with automated fraudulent campaigns. By shifting the responsibility of spam detection to the infrastructure level—specifically block explorers and wallets—industry leaders hope to eradicate this specific class of cybercrime.
Frequently Asked Questions
Quick answers to the most common questions about this topic.
For educational purposes only. Nothing here constitutes financial or investment advice. Crypto markets are highly volatile — always DYOR before making any decisions.
Fact-checked per our editorial policy. We maintain strict independence from advertisers. Spot an error? Let us know.