A simple slip of the fingers has turned into huge losses for some crypto users. One wallet lost over $12 million in January after copying the wrong address, and similar high-value mistakes were seen in December.
Reports say attackers are using tiny deposits and subtle address tweaks to trick people into sending funds to accounts they do not control.
How Copying Mistakes Turn Costly
Address lookalikes are the trick. Attackers send tiny “dust” transfers from addresses that mimic ones in a user’s history so that when someone copies an address they get the wrong string.
According to Scam Sniffer, that single mistake cost one user $12.2 million in January and followed a $50 million hit in December.
The tactic relies on people trusting what appears familiar; it works because most wallets show only the first and last few characters, and the middle can be swapped for a malicious match.
Someone lost $12.25M in January by copying the wrong address from their transaction history. In December, another victim lost $50M the same way.
Two victims. $62M gone.
Signature phishing also surged — $6.27M stolen across 4,741 victims (+207% vs Dec).
Top cases:
· $3.02M —... pic.twitter.com/7D5ynInRrb— Scam Sniffer | Web3 Anti-Scam (@realScamSniffer) February 8, 2026
Signature Phishing Is Growing Too
Signature scams lure users into approving dangerous contract calls or broad token approvals. Reports say $6.27 million was stolen from 4,741 victims in January, a 207% rise from December.
Two wallets took the lion’s share — accounting for 65% of those signature phishing losses. Attackers increasingly mix both tricks: small deposits to get attention, followed by social engineering that convinces someone to sign a transaction.
Scale And Automation
This is not limited to a few isolated scams. Based on reports from several trackers, roughly 270 million poisoning attempts have been recorded across Ethereum and Binance Smart Chain, targeting around 17 million addresses.
Total crypto market cap at $2.35 trillion on the daily chart: TradingView
Confirmed cases leading to actual theft number about 6,633, but the confirmed loss figure already tops $83.8 million. One campaign alone created 82,030 lookalike wallets, and in September 2025 there were about 32,290 suspicious poisoning events hitting 6,516 unique victims.
The numbers show a picture of automated scripts and high-volume tactics designed to find and exploit simple human errors.
Image: Chainalysis
Why Ethereum Has Seen More Dust Activity
Analysts link part of the recent surge to the Fusaka upgrade, which lowered the cost of sending tiny transactions. Coin Metrics analyzed over 227 million stablecoin balance updates on Ethereum from November 2025 through January 2026 and found that 38% of those updates were under a single penny.
Stablecoin-related dust now makes up an estimated 11% of Ethereum transactions and touches 26% of active addresses on an average day. Lower fees make these spray-and-pray tactics cheap and efficient.
Where Stolen Funds End Up
Blockchain intelligence teams have tracked flows and noticed patterns. Whitestream reports that DAI has become a favored place to park illicit proceeds because its protocol governance does not cooperate with authorities to freeze wallets.
Web3 Antivirus has cataloged a range of large poisonings, with tracked losses spanning from $4 million to $126 million in some incidents. Once funds move through these paths they are often hard to recover.
Featured image from Arek Socha/Pixabay, chart from TradingView
