Crypto scams have been rapidly increasing recently. In particular, the zero-value transfer phishing method is threatening investors. In this method, scammers manipulate users’ wallet histories with zero-value token transfers. Users, mistaking fake addresses for legitimate ones, accidentally send their assets to scammers.  

An investor fell victim to two separate zero-value transfer scams within three hours, losing 843,000 USDT and 1.75 million USDT. According to Cyvers’ report dated May 26, 2025, this method employs a sophisticated onchain phishing tactic. Scammers exploit the token transferFrom function to add zero-value transactions to wallets, causing users to copy incorrect addresses. Additionally, between 2022 and 2024, 270 million address poisoning attempts were detected on Ethereum and BNB Chain. Of these, 6,633 were successful, resulting in losses of 83.8 million dollars.  

ALERTOur system has detected~2.6M $USDT loss from a targeted address poisoning scam involving zero-value transfers. A single victim was repeatedly scammed by the same attacker address.

First, the victim lost 843K $USDT.
About 3 hours later, the same victim sent 1.75M… pic.twitter.com/WWVlrZvavK

— Cyvers Alerts (@CyversAlerts) May 26, 2025

Address Poisoning and Security Measures  

Address poisoning is another method frequently used by scammers. In this technique, scammers create fake addresses that closely resemble legitimate wallet addresses. For example, they mimic the first and last characters of an address to deceive users. In one incident, an investor sent 71 million dollars’ worth of Wrapped Bitcoin to a fake address, but the scammer returned the funds. However, in similar cases, losses are often unrecoverable.

According to CertiK’s 2025 report, phishing attacks in 2024 caused losses exceeding 1 billion dollars. Users should carefully verify addresses before transactions. Using hardware wallets, enabling two-factor authentication, and updating software only from trusted sources enhance security. Additionally, conducting small test transactions can prevent significant losses.  

For instance, Scam Sniffer reported a 771,000-dollar loss due to address poisoning in February 2025. Users should regularly check their wallet histories and report suspicious transactions.  

Crypto Scam: 20 Million USDT Theft  

In a notable case, on August 1, 2023, a scammer successfully stole 20 million USDT through a zero-value transfer phishing attack. According to PeckShield’s report, the victim (wallet address: 0x4071…9Cbc) intended to send funds to 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570. However, the scammer used a similar fake address (0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570) to deceive the investor. After the investor sent 10 million USDT from Binance to another address, the scammer intervened, manipulating the transaction history with a fake zero USDT transfer. As a result, the victim sent 20 million USDT to the scammer’s address.

Tether blacklisted the fake address approximately one hour after detecting the scam. This swift response drew attention in the crypto community. ZachXBT questioned Tether’s speed, suggesting that a “serious player” might be behind the incident. This event highlights that zero-value transfer scams caused over 40 million dollars in losses in 2023.  

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Crypto Fraud Alert: 20M USDT Missing in Scam appeared first on Coin Engineer.

On April 21, a wallet linked to former Binance CEO Changpeng “CZ” Zhao received 90 million fake GROK tokens, according to blockchain security firm PeckShield.

The tokens were distributed using a multisend method to multiple wallets, which PeckShield described as a likely scam operation.

No Official GROK Cryptocurrency

Musk’s Grok chatbot, integrated into X, has no official token and no plans to release one. Still, scammers launched fake GROK tokens on Ethereum as early as 2023, which eventually saw a 90% price drop after minimal sales — a classic pump-and-dump pattern.

Trust Exploited Through Celebrity Branding

Scammers often impersonate trusted brands or celebrities to lure victims. In 2024, Meta was the most impersonated company in phishing reports, while Coinbase led the crypto sector in being targeted by fake accounts.

You Might Be Interested In: Elon Musk Talks About the Name of a New Memecoin!

A fake livestream pretending to be an official “AI Elon Musk giveaway” promising $20,000 in crypto was recently flagged as well.

Several Elon Musk-related memecoins have also launched on BNB Smart Chain, most lacking any real foundation or legitimacy.

Phishing Remains a Billion-Dollar Threat

Techniques like address poisoning continue to mislead users into sending funds to fraudulent wallets. According to CertiK, phishing scams have cost the crypto industry over $1 billion across 296 incidents in 2024 alone.

As scams become increasingly sophisticated, users are urged to verify projects thoroughly before interacting with any new token or crypto offer.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post CZ Receives Fake GROK Tokens Amid New Elon Musk Scam Wave appeared first on Coin Engineer.

How the Scam Played Out?

An address poisoning scam, according to MistTrack, is when an assailant transfers little sums of cryptocurrency from a wallet with a similar-looking address to one of the target wallets. The aim is to fool the victim into inadvertently forwarding money to the wrong wallet.

Bots created by scammers search for fresh transactions. MistTrack advised making the initial and final few characters appear like the address being used as they cannot break the encryption on the entirety. They said, “so the scammer is banking on the victim to [copy the] scam address instead of the victim’s original address.”

In this case, the attackers successfully fool the group into donating 10 ETH to the fictitious account by mistake by sending money from a wallet address nearly exactly matching Pink Drainer’s past wallet.

Background and Impact

This event follows an unexpected declaration from Pink Drainer on May 17, stating it would stop providing services after it has helped steal over $85 million in cryptocurrency assets. Dune Analytics data shows Pink Drainer stole $85.3 million in bitcoin since July 2023.

Although Pink Drainer may have stopped running, many other drainer toolkit companies—Angel Drainer, Pussy Drainer, and Venom Drainer—continue to help evil actors in crypto asset theft.

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Pink Drainer Falls Victim to Address Poisoning Scam, Losing $30,000 in Ether appeared first on Coin Engineer.

Blockchain detective ZachXBT shed light on the 68 million dollar Bitcoin theft that took place on May 3rd. A user, due to an “address poisoning” attack, sent 1,115 Bitcoin worth 68 million dollars to an address other than the intended one, which was specified by the attackers. The user realized the address was wrong after making the transfer, but it was too late.

The attackers, who carried out the address poisoning attack by modifying the last addresses in the victim’s transaction history, took advantage of the fact that the careless user did not check the address when sending cryptocurrency to the last address they transferred to.

The 1,115 Bitcoin sent to the attacker’s wallet has not yet been moved.

What is Address Poisoning Scam?

Address poisoning scam is a type of scam that is occasionally encountered in the cryptocurrency sector. Attackers place an address that is very similar to the target address like a Trojan horse, making it difficult to verify the address. In this way, users lose their cryptocurrency by sending it to the wrong address.

How Can You Protect Yourself?

Always be careful when making cryptocurrency transfers and double check the address you are sending to. Also, never send cryptocurrency to addresses you receive from unofficial sources.

The post 68 Million Dollar Bitcoin Stolen in Address Poisoning Attack appeared first on Coin Engineer.