Checks if a given wallet address has been targeted by similar-looking addresses in potential poisoning attacks.
This endpoint detects potential address poisoning attacks on Ethereum wallets by analyzing transaction history and flagging spoofed addresses that closely resemble known or previously interacted addresses.
How Address Poisoning it Works
- A scammer sends a $0 token transfer to your wallet.
- The “from” address is crafted to look nearly identical to one you’ve interacted with before.
- This fake transaction appears in your wallet history.
- Later, if you copy/paste this address—thinking it’s your friend, an exchange, or your cold wallet—you may unknowingly send funds to the attacker.
Why It's Dangerous
❌ It doesn’t trigger most phishing or scam alerts
🧪 It mimics normal wallet activity
🤖 It preys on habits like copying addresses from recent history
TLDR
Scammers are poisoning wallet histories with look-alike addresses and fake $0 token transfers.
One wrong copy-paste, and your funds are gone.
Test Address
To test this endpoint, consider testing the victim address for a known address poisoning attack:
0xCF03Aa88AfDA357C837b9DDD38A678E3Ad7Cd5D7
Suspicion Score Function Calculation
The endpoint computes a composite suspicion score (0–100) to help flag potential spoofing or address poisoning attempts. It combines several heuristics. Please get in touch with a team member if you'd like more details into how the score is calculated.
The score is capped at 100.