Key Takeaways:
- Ethereum’s Fusaka upgrade lowered transaction fees by up to 600%.
- This made the network cheaper to use but also enabled scammers to send large volumes of spam transactions.
- However, these scams rely on volume rather than sophistication, with success rates around 0.01%.
Ethereum’s lower transaction fees are making the network cheaper and faster to use, but they are also helping scammers launch a growing wave of so-called “address poisoning” attacks.
Since the Fusaka upgrade in December 2025 reduced transaction fees by as much as 600%, attackers have been able to flood the network with millions of tiny fake transactions designed to trick users into sending funds to the wrong wallet.
The Fusaka upgrade helps Ethereum handle more transactions and lower costs by increasing block capacity and making data storage and verification more efficient.
Security researchers say these attacks rely on simple deception rather than technical hacks.
Although the success rate is extremely low, the scale of these attacks has grown dramatically as automated bots send thousands or even millions of attempts.
What address poisoning attacks actually are
Address poisoning is a scam that targets how people copy and paste wallet addresses when sending cryptocurrency.
In a typical transaction, users copy the destination address from their transaction history or from a previous transfer. Attackers exploit this habit by creating fake addresses that look very similar to legitimate ones.
Ethereum addresses are long hexadecimal strings. Attackers generate vanity addresses that intentionally match the first and last characters of a legitimate wallet address. They then send tiny transfers, sometimes worth less than one cent, so the fake address appears in the victim’s transaction history and can be mistakenly copied later.
Address poisoning attacks are getting out of hand. I just sent two stablecoin transactions and received +89 emails from my Etherscan address watch alert notifications.
It took them <30 mins to create all of these on mainnet.
So many will fall victim to this. pic.twitter.com/H1nGaMMprE
— Nima 👁️ (@0xNimaRa) February 13, 2026
If the victim later copies that address by mistake and sends funds to it, the money goes directly to the attacker.
The tactic has existed for several years, but automation has dramatically increased its scale.
One Ethereum user recently reported receiving more than 89 address alerts within just 30 minutes after making two stablecoin transfers, illustrating how quickly attackers can flood a wallet’s transaction list.
Lower fees make large-scale scams easier
The Fusaka upgrade made Ethereum significantly cheaper to use, which benefits developers and everyday users. But it also reduced the cost for attackers to spam the network with fake transfers.
TRM Labs research analyzing activity between July 2022 and June 2024 identified more than 17 million poisoning attempts targeting around 1.3 million users, resulting in over 6,600 thefts and at least $83 million in losses. Because this data predates the Fusaka upgrade, it illustrates the historical scale of address-poisoning attacks rather than activity following the upgrade.
Victim lost $50M to address poisoning
Swapped for $ETH and transferred to two wallet
I'm really speechless wtf
Victim: 0xcB80784ef74C98A89b6Ab8D96ebE890859600819
Theft: 0xBaFF2F13638C04B10F8119760B2D2aE86b08f8b5
0xBcb94F7609973E5ea7d2CbeDAf0C5518b911e6cb… pic.twitter.com/pZUV4eqakA— Specter (@SpecterAnalyst) December 19, 2025
Because each attack costs very little, scammers rely on volume. Even if only one in 10,000 attempts succeeds, a single large transfer can generate significant profits.
Lower fees have accelerated this strategy. Data shows that “dust transfers”, tiny transactions often used in poisoning campaigns, rose sharply after the Fusaka upgrade.
For example, dust transfers involving the stablecoin USDT increased from 4.2 million before the upgrade to nearly 30 million afterward, a rise of more than 600%.
Simple steps can prevent the scam
Despite the scale of these campaigns, protecting against address poisoning is relatively straightforward.
The most important rule is simple: always verify the full destination address before sending funds.
— etherscan.eth (@etherscan) March 12, 2026
Users should avoid copying addresses directly from transaction history and instead rely on saved wallet contacts or address books. Services like (Ethereum Name Service) ENS domain names can also make addresses easier to recognize.
Blockchain explorers and wallets are also improving defenses. Some platforms now label suspicious addresses or block zero-value spam transfers in real time.
Awareness is key. Because cryptocurrency transactions cannot be reversed, even a small mistake, like copying the wrong address, can lead to permanent losses.
