Binance’s CZ Calls for Wallet-Level Fixes to Stop Poisoning Scams

Why Is Address Poisoning Back in Focus?

Address poisoning has returned as one of the most damaging phishing tactics in crypto, drawing renewed attention from industry leaders as losses climb. The scam does not rely on breaking protocols or exploiting smart contracts. Instead, it targets wallet interfaces and user habits, exploiting how people copy and reuse addresses.

In a blog post published Wednesday, should take a more active role in stopping these attacks before funds are sent. “All wallets should simply check if a receiving address is a poison address, and block the user. This is a blockchain query,” Zhao wrote. He added that spam transactions with negligible value should be hidden entirely from wallet histories.

Address poisoning works by sending small transactions from addresses crafted to resemble legitimate ones. When users later copy an address from their transaction history—often checking only the first and last characters—they can end up sending funds directly to the attacker. The blockchain behaves as designed; the failure happens at the interface.

Investor Takeaway

How Much Damage Are These Scams Causing?

The financial impact has grown rapidly. Phishing scams drained more than $7.7 million from 6,344 victims in November, according to data from Scam Sniffer. December losses are expected to rise further later than a single address poisoning incident led to roughly $50 being transferred out of one wallet.

That incident illustrates why address poisoning has become a priority threat. Unlike complex exploits, these scams scale easily. Attackers can spray thousands of lookalike transactions across wallets at low cost, waiting for one mistake to pay off. As wallet security has improved against malicious websites and approval drainers, phishing has shifted toward simpler methods that rely on human error.

CertiK has identified phishing as the most financially damaging category of , with total losses exceeding $1 billion. Address poisoning now sits alongside approval-based attacks as a leading contributor, particularly on networks with high stablecoin usage.

What Is CZ Proposing Wallets Should Change?

Zhao’s recommendations focus on prevention rather than recovery. He called on wallets to automatically flag known poison addresses, warn users before a transaction is signed, and block transfers to addresses that match known scam patterns. He also argued that spam transactions should not appear in wallet histories at all if their value is trivial.

“Wallets should not even display these spam transactions anywhere,” Zhao wrote. “If the value of the transaction is small, just filter it out.”

The logic is straightforward: if users never view the poisoned transaction, they cannot accidentally reuse the attacker’s address. Binance has previously said its security team runs internal systems that identify poisoned addresses across major networks, claiming to have flagged around 15 million such addresses. Zhao’s post pushes wallet developers to build similar checks directly into consumer products.

Investor Takeaway

Why Stablecoins Are Central to Address Poisoning

The largest recent loss involved USDT, the most widely used stablecoin. in phishing because they offer deep liquidity and rapid exit paths. Once stolen, funds can be swapped, bridged, or split across wallets in minutes, limiting the chance of recovery unless centralized platforms intervene.

Occasionally, funds are returned. In one case in May 2024, a victim lost $71 million to address poisoning before the attacker sent the funds back weeks later, reportedly later than investigators applied pressure. Such outcomes are rare. Most victims have no recourse once assets leave their wallet.

This reality strengthens the case for prevention. By the time a poisoned transfer is confirmed on-chain, the damage is usually done.

Where the Debate Is Likely to Go

Zhao’s call for wallet-level blacklists will not be universally accepted without questions. Shared databases of malicious addresses raise issues around governance and accuracy. A false positive could block a legitimate payment, while attackers constantly rotate addresses to evade detection.

There is also a trade-off between securety and transparency. Some users prefer full visibility into on-chain activity, including spam transactions, while others want wallets to act more like consumer financial apps that hide noise and reduce risk.

Still, the trend in crypto crime is clear. As protocol defenses harden, attackers are turning to low-tech methods that exploit how users interact with software. Address poisoning reflects that shift. Whether wallets adopt Zhao’s proposals broadly or selectively, pressure is growing for them to do more than passively display blockchain data.

With phishing losses mounting and single incidents now capable of draining tens of millions of dollars, the focus is moving upstream—toward stopping mistakes before users sign them.