One victim lost 140 ETH after copying a lookalike address “poisoned” into their transaction history. Similar scams drained $880,000 from another victim, alongside multiple smaller thefts. On top of this, malicious signature requests stole more than $600,000, including $165,000 in a single attack. The FBI also warned of fraudulent “crypto recovery law firms” targeting scam victims for additional theft, amid rising crypto-related crime that saw $2.5 billion lost in the first half of 2025.
Crypto Users Hit by Address Poisoning Spree
Crypto scammers stole more than $1.6 million from unsuspecting users through address poisoning attacks in just the past week. This means that these attacks surpassed the total losses that were recorded in the entire month of March.
One of the most serious incidents occurred on Friday, when a victim mistakenly sent 140 Ethereum (ETH), valued at roughly $636,500, to a fraudulent address. According to scam prevention platform ScamSniffer, the victim copied the wrong address from their transaction history after it was “poisoned” with a lookalike entry. The history, ScamSniffer explained, was already filled with malicious addresses, making it only a matter of time before the trap succeeded.
The theft was not an isolated case. On Sunday, another victim lost $880,000 worth of cryptocurrency to the same type of scam. Additional reports from cybersecurity alerts revealed smaller losses, including $80,000 from one user and $62,000 from another. Combined data from multiple security firms confirmed that over $1.6 million was drained from victims’ wallets through address poisoning since Sunday, which is more than the $1.2 million that was lost to these attacks in March.
Address poisoning works by sending small transactions from addresses that closely resemble those of legitimate contacts or previous transactions. This fake entry then appears in the victim’s transaction history, and if the victim copies the address for a future transfer without double-checking, the funds are sent directly to the scammer. Web3 Antivirus described it as a form of “transaction history poisoning,” which exploits user habits and reliance on partial address verification.
On top of address poisoning scams, scammers also took more than $600,000 from victims this week through malicious signature requests, like “approve,” “increaseAllowance,” and “permit” signatures. One such attack on Tuesday resulted in the loss of $165,000 worth of BLOCK and DOLO tokens after the victim unknowingly granted the scammer access to their funds.
Security experts urged crypto users to adopt best practices like maintaining an address book or whitelist and verifying the full wallet address before initiating any transaction.
Scam Law Firms Target Crypto Victims
The US Federal Bureau of Investigation (FBI) also recently issued a new warning to victims of crypto scams, and pointed out that fraudulent law firms are promising to recover stolen funds. In a public service announcement that was made on Wednesday, the agency said these fictitious firms are specifically targeting people who already lost some or all of their crypto holdings, putting them at risk of even more losses and potential compromise of personal data.
Warning from the FBI
According to the FBI, the scam typically involves unsolicited contact from so-called “crypto recovery law firms” or legal entities requesting payment in cryptocurrency or prepaid gift cards. The bureau explained that legitimate law firms do not operate this way and urged people to be wary of any such outreach, especially if they have not reported the initial scam to law enforcement or civil protection agencies. This latest notice builds on similar warnings the FBI issued in August of 2023 and June of 2024.
The warning was also made against the backdrop of rising crypto-related crime. Blockchain security firm CertiK reported that approximately $2.5 billion was lost to hacks, exploits, and scams in the first half of 2025 alone. While some victims manage to recover funds through exchanges or other means, many are left to navigate the aftermath without formal assistance, making them vulnerable to secondary scams.
US Treasury Secretary Scott Bessent stated that any digital assets seized by authorities will be added to the national cryptocurrency stockpile—sometimes referred to as a Bitcoin reserve—after compensating affected victims. In April, the FBI’s Dallas division seized $2.4 million worth of Bitcoin linked to an alleged member of a hacking group, later seeking a legal claim on the assets in July.
The risks to crypto holders extend beyond online scams as some criminals are resorting to physical threats. SatoshiLabs founder Alena Vranova estimated that at least one Bitcoin holder somewhere in the world is targeted each week in incidents involving kidnapping or ransom demands.
