In a shocking incident within the cryptocurrency community, a single victim has suffered a staggering loss of $2.5 million due to a double phishing scam. As reported by the crypto compliance firm Cyvers, the victim was manipulated into sending an initial amount of 843,000 worth of Tether (USDT), only to part with an additional 2.6 million USDT approximately three hours later. Such occurrences underline the sophisticated tactics employed by scammers in today’s cryptocurrency ecosystem.
The scam employed a technique known as a zero-value transfer. This intricate form of onchain phishing exploits the token transfer functions of blockchain technology, tricking users into sending actual funds to fraudulent addresses.
Zero-value transfers manipulate the inherent trust users place in their transaction histories. By abusing the token transferFrom function, scammers transfer zero tokens from a victim’s wallet to a deceiving address, allowing their malicious activities to go undetected. Consequently, victims often mistakenly trust this address, believing it to be a familiar recipient, and continue to send real assets, resulting in significant losses.
This method represents a notable evolution from simpler address poisoning attacks, where scammers send minuscule amounts of cryptocurrency from addresses closely resembling real ones. The aim is to confuse users sufficiently to generate a pattern of mistakenly sending funds to the wrong address, subsequently leading to potential financial loss.
Escalating Threat Across Blockchain Platforms
Research conducted in January 2025 revealed alarming statistics; over 270 million address poisoning attempts were recorded on prominent platforms such as BNB Chain and Ethereum over a two-year period. Of these attempts, approximately 6,000 instances were successful, resulting in losses exceeding $83 million.
A growing number of initiatives, including an artificial intelligence tool developed by crypto cybersecurity firm Trugard, aim to address this issue. The technology boasts a claimed efficacy rate of 97% in detecting and preventing address poisoning attacks, although users must remain vigilant and informed about the evolving landscape of cryptocurrency scams.
As the cryptocurrency sector continues to flourish, so does the creativity and determination of those seeking to exploit it. Hence, it becomes increasingly crucial for cryptocurrency users to educate themselves on potential threats, remain aware of their transaction environments, and employ various security measures to safeguard their investments.
