MetaMask's new feature blocks address poisoning by comparing pasted addresses against interaction history. Over 65.4 million attacks were detected in the last 14 months.
Alpha Score of 56 reflects moderate overall profile with moderate momentum, moderate value, moderate quality. Based on 3 of 4 signals – score is capped at 90 until remaining data ingests.
MetaMask has released a security feature that automatically blocks address poisoning attacks, one of the most common crypto scams in the last two years. The wallet now checks any pasted address against the user's transaction history and alerts them if a close-but-different prefix and suffix match a known address, the company said in a blog post.
Address poisoning works by exploiting a shortcut most people use. They verify only the first few and last few characters of a wallet address. Attackers monitor public blockchain records for frequent recipients, then generate a lookalike address with the same opening and closing characters. They send a tiny “dust” transaction to the victim’s wallet. That fake address then appears in the activity log. When the user later copies an address from that log, they grab the spoofed one instead of the real one. The funds go to the attacker and cannot be recovered.
Data from Blockaid, a security firm, shows over 65.4 million such incidents between January 2025 and February 2026. The scam has grown alongside the rise of DeFi and self-custody wallets, where transaction history is the primary address book.
MetaMask’s new feature does not rely on user vigilance alone. It runs in the send flow: when someone pastes an address, the wallet compares it with every address previously interacted with. If the pasted address matches the prefix and suffix of a known address but differs in the middle section, a blocking alert appears. The user cannot confirm the transaction without dismissing the warning. The system also shows a first-time transaction warning when sending to an entirely new address.
The technology works on all EVM-compatible networks. MetaMask said it plans to expand support to other chains.
Another change: MetaMask now displays more characters of each address in the interface. Previously, wallets truncated addresses to a short string like 0xEdf89…ff7ED. That made mimicry easy. The updated view shows a longer segment – 0xEdf89FdA047F28…C6341a8ff7ED – making visual spoofing harder.
The wallet does not automatically reject suspicious transactions. MetaMask opted to preserve self-custody by showing a warning and letting the user decide. The detection is available on both the mobile app and the browser extension. MetaMask encouraged users to update their wallets.
Prepared with AlphaScala research tooling and grounded in primary market data: live prices, fundamentals, SEC filings, hedge-fund holdings, and insider activity. Each story is checked against AlphaScala publishing rules before release. Educational coverage, not personalized advice.