On-Chain Security Alert Escalates: Address Poisoning and Signature Phishing Surge, Expanding Crypto Loss Risks

Security ReportCrypto ScamUser SafetyOn-Chain MonitoringRisk Alert ---

On February 8, Scam Sniffer released its January 2026 Crypto Security Report, revealing that a user lost $12.25 million after copying an incorrect wallet address from transaction history and mistakenly transferring funds to an attacker.

This was not an isolated incident. In December 2025, another user lost approximately $50 million after copying a forged address embedded in manipulated transaction records. Security researchers classify this method as Address Poisoning, where attackers send small transactions to mimic legitimate history and trick users into copying malicious addresses.

Sharp Increase in Signature Phishing Attacks

Beyond address poisoning, Signature Phishing attacks rose significantly in January 2026, with data showing:

  • 4,741 victims
  • Around $6.27 million in total losses
  • A 207% month-over-month increase compared with December 2025
  • These attacks typically involve fake websites or malicious DApps that lure users into signing authorization requests. Because no direct transfer is required, victims often fail to recognize the risk until assets are compromised.

Attack Methods Becoming More Sophisticated

Security researchers note that crypto scams are becoming increasingly targeted and covert, including:

  • Forging realistic transaction histories using on-chain data
  • Imitating well-known project interfaces to induce authorization
  • Distributing phishing links via social media and private messages
  • Leveraging AI-generated content to enhance credibility
  • With the barrier to entry for attack tools decreasing, both retail users and professional traders are now frequent targets.

Risk Prevention Measures and Industry Responses

Industry participants emphasize that beyond user education, continuous on-chain behavior monitoring is becoming essential. Some institutions deploy tools such as Trustformer KYT to identify suspicious address relationships, fraud fund flows, and abnormal interactions, enabling proactive risk alerts and improved compliance monitoring.

For individual users, security agencies recommend:

  • Avoid copying addresses directly from transaction history
  • Use address whitelists or label verification
  • Carefully review unknown signing requests
  • Enable risk alerts through hardware wallets or security extensions

Conclusion

From address poisoning to signature phishing, crypto fraud tactics continue to evolve rapidly. As user adoption and transaction frequency grow, security awareness and risk management capabilities are becoming critical infrastructure for participation in the crypto ecosystem.

About Trustformer

Trustformer is a leading blockchain security and compliance technology company specializing in providing professional risk management and compliance solutions for the global cryptocurrency ecosystem. We have developed the cutting-edge Trustformer KYT (Know Your Transaction) platform, which integrates artificial intelligence, blockchain analytics, and regulatory technology to deliver comprehensive, accurate real-time transaction monitoring, risk assessment, and suspicious activity reporting services.

With deep industry expertise and technological innovation, Trustformer is dedicated to helping Virtual Asset Service Providers (VASPs), crypto financial institutions, and investors build a safer and more transparent crypto financial environment. We believe that driving compliance and trust through technology can contribute to the thriving growth of the global digital economy.