Binance CEO Changpeng ‘CZ’ Zhao warned his followers on X about a tricky and increasingly popular scam targeting the crypto community, in which fake wallet addresses are used to defraud users during transactions.
The scheme generates addresses with the same starting and ending characters as the user’s original address. Once the lookalike address has been generated, the scammer sends the target dust transactions, which then appear in the victim’s transaction history. If the victim copies and pastes an address from one of the dust transactions, the funds will be sent to the scammer.
According to CZ, an experienced crypto operator fell victim to this scam on Aug. 1, sending cryptocurrencies worth $20 million to a dust address. The operator noticed the error right after the transaction and asked Binance to freeze the Tether (USDT) before it reached the scammer.
I want to share this (luckily) unsuccessful, but very clever and close scam incident from yesterday. Saved $20m. Hope it may also save you one day.
The scammers are so good now they generate addresses with the same starting and ending letters, which is what most people check… https://t.co/DFpdX8aNay
— CZ Binance (@cz_binance) August 2, 2023
The incident could be avoided by using a blockchain domain, such as the Ethereum Name Service (ENS). Blockchain domains are similar to email addresses, allowing users to identify wallets using regular words rather than a long string of letters and numbers. Binance users can purchase domains through the platform.
Furthermore, security specialists recommend that users not copy and paste addresses from applications to transfer funds. Users are also advised to use strong, unique passwords for crypto accounts and enable two-factor authentication (2FA) on applications.
The timely response from Binance helped the user avoid a major security incident, but other victims were less fortunate. Replying to CZ’s thread, another user reported sending $20,000 USDT to a dust address in a similar scam. However, although the user contacted Binance’s support team within 20 minutes of the transaction, no option was provided to freeze the funds. Nearly 12 hours later, the victim’s funds were transferred to a crypto mixer with no chance of recovery.
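The lookalike pattern described above (same starting and ending characters, delivered through dust transactions) can be checked mechanically before a transfer. The following Python is an added example, not code from Binance or the article; it assumes hex-style addresses such as Ethereum's, and the addresses, the four-character edge length and the dust threshold are constructed assumptions.

```python
# Added example: flag address-poisoning lookalikes before sending funds.
# All addresses are constructed; edge=4 and dust_threshold=1.0 are assumed values.
TRUSTED = "0x" + "a1b2" + "0" * 32 + "c3d4"     # address the user really pays
LOOKALIKE = "0x" + "a1b2" + "f" * 32 + "c3d4"   # same first/last 4, different middle
UNRELATED = "0x" + "9" * 40

HISTORY = [  # constructed incoming transfers
    {"from": TRUSTED, "amount": 5000.0},
    {"from": LOOKALIKE, "amount": 0.01},
    {"from": UNRELATED, "amount": 0.5},
]

def normalize(addr):
    """Lowercase and drop the 0x prefix so case differences do not matter."""
    a = addr.strip().lower()
    return a[2:] if a.startswith("0x") else a

def lookalike_of(candidate, trusted, edge=4):
    """Return the trusted address that candidate imitates, or None."""
    c = normalize(candidate)
    for t in trusted:
        n = normalize(t)
        same_edges = c[:edge] == n[:edge] and c[-edge:] == n[-edge:]
        if c != n and len(c) == len(n) and same_edges:
            return t
    return None

def check_destination(candidate, trusted, edge=4):
    """Classify a pasted destination: 'trusted', 'lookalike' or 'unknown'."""
    c = normalize(candidate)
    if any(c == normalize(t) for t in trusted):
        return "trusted"
    if lookalike_of(candidate, trusted, edge) is not None:
        return "lookalike"
    return "unknown"

def flag_history(history, trusted, dust_threshold=1.0, edge=4):
    """Return tiny incoming transfers whose sender imitates a trusted address."""
    return [tx for tx in history
            if tx["amount"] <= dust_threshold
            and lookalike_of(tx["from"], trusted, edge) is not None]

if __name__ == "__main__":
    for addr in (TRUSTED, LOOKALIKE, UNRELATED):
        print(addr, "->", check_destination(addr, [TRUSTED]))
    print("suspicious dust:", flag_history(HISTORY, [TRUSTED]))
```

A "lookalike" result should hold the transfer until the full address has been compared character by character against the trusted entry.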
Users of Coinbase have reported similar security incidents. Victims have reported scams and phishing attacks related to the company’s services and applications, including claims that scammers are contacting clients using the domain name of the crypto exchange.