
MetaMask's new feature blocks address poisoning by comparing pasted addresses against interaction history. Over 65.4 million attacks were detected in the last 14 months.
Alpha Score of 68 reflects moderate overall profile with strong momentum, moderate value, moderate quality, moderate sentiment.
MetaMask has released a security feature that automatically blocks address poisoning attacks, one of the most common crypto scams in the last two years. The wallet now checks any pasted address against the user's transaction history and alerts them if a close-but-different prefix and suffix match a known address, the company said in a blog post.
Address poisoning works by exploiting a shortcut most people use. They verify only the first few and last few characters of a wallet address. Attackers monitor public blockchain records for frequent recipients, then generate a lookalike address with the same opening and closing characters. They send a tiny “dust” transaction to the victim’s wallet. That fake address then appears in the activity log. When the user later copies an address from that log, they grab the spoofed one instead of the real one. The funds go to the attacker and cannot be recovered.
Data from Blockaid, a security firm, shows over 65.4 million such incidents between January 2025 and February 2026. The scam has grown alongside the rise of DeFi and self-custody wallets, where transaction history is the primary address book.
MetaMask’s new feature does not rely on user vigilance alone. It runs in the send flow: when someone pastes an address, the wallet compares it with every address previously interacted with. If the pasted address matches the prefix and suffix of a known address but differs in the middle section, a blocking alert appears. The user cannot confirm the transaction without dismissing the warning. The system also shows a first-time transaction warning when sending to an entirely new address.
The technology works on all EVM-compatible networks. MetaMask said it plans to expand support to other chains.
Another change: MetaMask now displays more characters of each address in the interface. Previously, wallets truncated addresses to a short string like 0xEdf89…ff7ED. That made mimicry easy. The updated view shows a longer segment – 0xEdf89FdA047F28…C6341a8ff7ED – making visual spoofing harder.
The wallet does not automatically reject suspicious transactions. MetaMask opted to preserve self-custody by showing a warning and letting the user decide. The detection is available on both the mobile app and the browser extension. MetaMask encouraged users to update their wallets.
Prepared with AlphaScala editorial tooling from the source reporting linked above. Indexable analysis may include a cited Alpha Score value. Publishing checks screen each story before release. Educational coverage, not personalized advice.