Don't Copy & Paste!
cpoetter.eth
0xd26b
August 17th, 2024

Did you ever want to transfer tokens to your friend, Alice, but couldn’t remember her wallet address? Maybe you remember that you sent her tokens a couple of weeks ago already. So is it a good idea to have a look at the block explorer, find the transaction, and copy the wallet address from there? Well, it depends.

Always keep in mind that scammers do everything to trick you into doing something stupid. They don’t sleep and invent new methods to get hold of your tokens.

Recently, I transferred some $ARB to another wallet. But the block explorer displays two additional transactions now which look very similar to my own transaction. However, those transactions were not initiated by me.

Here are those three transactions on the block explorer:

block explorer view
block explorer view

My transaction is the third one from 16:53:40 UTC.

The transaction from 16:54:24 UTC sends the same amount of $ARB. But it is a fake contract address, not the real $ARB. Here are the two contracts:

the real $ARB contract
the real $ARB contract
fake $ARB contract
fake $ARB contract

The transaction from 17:02:34 UTC is a zero value transaction (that’s what the warning indicates as well), involving the real $ARB contract.

Now let’s have a look at the recipients’ wallet addresses in the To field.

recipient addresses
recipient addresses

Reminder: the third address is from my transaction.

Most of you probably know that Ethereum addresses (and those of its Layer2s and side chains) are 42 characters long. Hardly anyone can remember them. So quite often, the addresses are shortened on dapps, block explorers,… and only the first and last 4-8 or so characters are displayed.

Back to the screenshot above: The recipient addresses look quite similar but not the same! Scammers have built tools to create multiple wallet addresses automatically on the fly which resemble existing addresses.

As you can see from the second transaction, I was not singled out as a target. The transaction is involving several other wallets that transferred some popular tokens:

more targets
more targets

I guess, the intention of the scammer has become obvious by now: trick me into copying the wrong wallet address form the block explorer. The scammer made sure that:

  • there is a transaction with a similar timestamp to my own one

  • that the transaction displays the same amount of (fake) $ARB

  • that there also is a zero value transaction with the real $ARB contract so that the correct icon and contract are displayed

So if I was looking for Alice’s address someday on the block explorer, I will stumble on those transactions. Yes, there are three transactions (two with the scammer’s wallet as a recipient) but I might think that there is a glitch when the block explorer is reading the chain. Eventually, I might copy the wrong address.

Don’t simply copy and paste addresses from the block explorer (or any other source). Always verify. Be vigilant and stay safe!

Photo by Serge S on Unsplash

Subscribe to cpoetter.eth
Receive the latest updates directly to your inbox.
Mint this entry as an NFT to add it to your collection.
Verification
This entry has been permanently stored onchain and signed by its creator.
Arweave Transaction
mrq-zyzVkHTrjLR…a2WftJUmWoci-WU
Author Address
0xd26b76e50f6510c…279705f36946d23
Content Digest
9vCEKpQPBdUgpcy…_GoMZ9UYrD4fRBk