Ethereum’s Layer 1 network is seeing a rise in address poisoning attacks, highlighted by analyst Ignas on March 12. Once considered a minor nuisance, these attacks are now industrialized, targeting users with automated, lookalike transactions.

A study carried out in 2025 revealed that between July 2022 and June 2024, there were about 17 million poisoning attempts targeting 1.3 million users on Ethereum, with confirmed losses exceeding $79 million.

The attackers monitor blockchain activities to identify targets and generate addresses that resemble legitimate ones.

These addresses are then used to deceive users into copying them for future use. There are multiple attackers who compete to ensure that their address is listed first in the transaction history.

In one case, there were 13 poison transfers in just minutes following one USDT transaction. Chains with lower fees, like Binance Smart Chain, see poison transfers 1,355% more frequently than Ethereum.

According to expert Ignas, as Ethereum grows, these types of attacks are getting cheaper and more automated. Address poisoning has become a large operation.

Also Read: Ethereum Faces Short-Term Pressure, $2,120 Resistance Critical for Next Move

Ethereum’s Fusaka Upgrade Boosts Scalability and Lowers Fees

The Fusaka upgrade activated in December 2025. It made Ethereum faster and cheaper. This is beneficial to normal users, but it also makes Ethereum cheaper for attackers.

After the upgrade, there was an increase in very small transactions. For USDT, transfers under $0.01 increased from 4.2 million to 29.9 million, a 612% increase. For USDC, there was a 473% increase, and DAI had a 470% increase. Transfers under 0.00001 ETH increased by 62%.

As etherscan.eth data shows, such small transactions are often copies of tokens that users have previously used to add malicious addresses to users’ transaction history.

In most attacks, attackers send tokens to newly created fake addresses that forward small transactions one by one. While not all small transactions are malicious, a lot of them seem intended to mislead users.

Use Recognizable Addresses with Private Tags or ENS Domains

However, with more attacks occurring, users can take simple steps to protect their money. First, users can use private tags or ENS names to easily identify addresses. Second, users should enable the highlight features on platforms like Etherscan.

Third, users should always verify addresses before sending money. Wallets like Rabby help users because transactions are safer. Users should always be aware of what is going on and carefully handle their addresses since crypto transactions cannot be reversed.

Also Read: Ethereum Whales Accumulate $152M in ETH as Network Hits All-Time High