To prevent phishing attempts by address poisoning, Etherscan has deployed a new feature that masks suspicious transactions. What is it exactly?
Etherscan takes measures against address poisoning
In order to prevent address poisoning phishing, the blockchain explorer Etherscan has made an update allowing to hide transactions involving token transfers without any value:
Update: Zero-value token transfers are now hidden by default
In recent times, ‘address poisoning’ attacks have phished unsuspecting users and spammed everybody else. With this update you won’t have to see these transfers anymore!
Before ➡️ After pic.twitter.com/F93pWDUJ7a
– Etherscan (@etherscan) April 10, 2023
Address poisoning is a practice that has been on the rise for a few months, which consists of sending transactions to a target address from an address that is very similar, for example with the first 4 and last 4 characters identical.
The idea is to play on the lack of distrust of the potential victim, who would then copy the attacker’s address rather than his own directly from a blockchain explorer during a future transaction, sending his funds to this person by mistake.
By hiding these suspicious transactions, Etherscan hopes to limit this type of phishing. Of course, the best protection remains vigilance, and it will be more appropriate to copy one’s address directly from one’s wallet than from a third party service.
A feature limited to Ethereum
If this new feature is activated by default, the transactions are not actually blocked, but only hidden, which is why Etherscan allows those who wish to do so, to still be able to view them:
As a block explorer, it is important that users are able to see an uncensored view of the blockchain.
For those who want to see these zero-value token transfers, simply disable the option in Site Settingshttps://t.co/biVWVXiEkq pic.twitter.com/PTtCyddB0J
– Etherscan (@etherscan) April 10, 2023
To access the Etherscan settings and modify the preferences, you will have to click on the button allowing you to activate or not the dark mode at the top of the web site:
Be careful though, if this new feature of the famous blockchain explorer can indeed limit phishing by address poisoning on Ethereum (ETH), it is not the case on all other networks compatible with the Ethereum Virtual Machine (EVM).
Indeed, at the time of writing, the explorers Polygonscan, Bscscan and Snowtrace for example, respectively for Polygon (MATIC), BNB Smart Chain and Avalanche (AVAX), did not yet support this feature. This means that for the time being, this type of phishing attempt is still visible on these blockchains.
Very often, the human remains the first flaw in any system, that’s why vigilance is still required, even if it means making a first transaction with a small amount beforehand, to make sure not to make a mistake in case of doubt.