Crypto scams have been rapidly increasing recently. In particular, the zero-value transfer phishing method is threatening investors. In this method, scammers manipulate users’ wallet histories with zero-value token transfers. Users, mistaking fake addresses for legitimate ones, accidentally send their assets to scammers.  

An investor fell victim to two separate zero-value transfer scams within three hours, losing 843,000 USDT and 1.75 million USDT. According to Cyvers’ report dated May 26, 2025, this method employs a sophisticated onchain phishing tactic. Scammers exploit the token transferFrom function to add zero-value transactions to wallets, causing users to copy incorrect addresses. Additionally, between 2022 and 2024, 270 million address poisoning attempts were detected on Ethereum and BNB Chain. Of these, 6,633 were successful, resulting in losses of 83.8 million dollars.  

ALERTOur system has detected~2.6M $USDT loss from a targeted address poisoning scam involving zero-value transfers. A single victim was repeatedly scammed by the same attacker address.

First, the victim lost 843K $USDT.
About 3 hours later, the same victim sent 1.75M… pic.twitter.com/WWVlrZvavK

— Cyvers Alerts (@CyversAlerts) May 26, 2025

Address Poisoning and Security Measures  

Address poisoning is another method frequently used by scammers. In this technique, scammers create fake addresses that closely resemble legitimate wallet addresses. For example, they mimic the first and last characters of an address to deceive users. In one incident, an investor sent 71 million dollars’ worth of Wrapped Bitcoin to a fake address, but the scammer returned the funds. However, in similar cases, losses are often unrecoverable.

According to CertiK’s 2025 report, phishing attacks in 2024 caused losses exceeding 1 billion dollars. Users should carefully verify addresses before transactions. Using hardware wallets, enabling two-factor authentication, and updating software only from trusted sources enhance security. Additionally, conducting small test transactions can prevent significant losses.  

For instance, Scam Sniffer reported a 771,000-dollar loss due to address poisoning in February 2025. Users should regularly check their wallet histories and report suspicious transactions.  

Crypto Scam: 20 Million USDT Theft  

In a notable case, on August 1, 2023, a scammer successfully stole 20 million USDT through a zero-value transfer phishing attack. According to PeckShield’s report, the victim (wallet address: 0x4071…9Cbc) intended to send funds to 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570. However, the scammer used a similar fake address (0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570) to deceive the investor. After the investor sent 10 million USDT from Binance to another address, the scammer intervened, manipulating the transaction history with a fake zero USDT transfer. As a result, the victim sent 20 million USDT to the scammer’s address.

Tether blacklisted the fake address approximately one hour after detecting the scam. This swift response drew attention in the crypto community. ZachXBT questioned Tether’s speed, suggesting that a “serious player” might be behind the incident. This event highlights that zero-value transfer scams caused over 40 million dollars in losses in 2023.  

You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.

The post Crypto Fraud Alert: 20M USDT Missing in Scam appeared first on Coin Engineer.