Address Poisoning

An old trick that still catches even experienced users off guard. Recently, a prominent influencer lost 126,000 TON after sending them to a scammer's address. Here's how it works and how to protect yourself.

✍️ What is address poisoning?

Scammers create clone addresses that look almost identical to addresses you've interacted with—they share the same first and last characters.

They send tiny amounts (e.g. 0.0001 TON) to your wallet so that their fake address appears in your Activity feed.

When you send funds later, you might copy the recipient's address from history out of habit—and end up sending everything to the scammer's wallet instead.

🥷 How it works?

🕵️ How to protect yourself?

Anti-poisoning in MyTonWallet

MyTonWallet includes anti-poisoning protection. The wallet automatically detects transfers from scammers who generate addresses with the same initial and final characters and marks them with the "Scam" label, so you can spot fake addresses in your Activity feed.

Other steps you can take

• Verify the full address, not just the first and last characters.

• Use the Saved Addresses feature for people and services you send to often.

• Make sure Hide Tiny Transfers is turned on in Settings → Assets & Activity so scam transfers are less likely to appear in your feed.