Ledger, a crypto wallet provider, alerts Solana (SOL) users to a critical development that could compromise the safety of their accounts.
In a tweet, Ledger warns of an ongoing phishing and address-poisoning scam targeting Solana users.
🚨Attention #Ledger $SOL users🚨
There’s an ongoing phishing/address poisoning scam targeting @solana users.
⚠️If you receive a dust #SOL transaction, do not click on any link in its Memo, this link may be malicious 👹
Learn how to defend yourself against scams 👇… pic.twitter.com/fuwpMbxOB6
— Ledger Support (@Ledger_Support) November 8, 2023
Address poisoning is a new type of scam that targets cryptocurrency users. An attacker «poisons» the target’s account in this scam by transferring a small amount of crypto, in this case SOL or sometimes an NFT disguised as a voucher.
In some cases, the scammer may even make it appear as if the user initiated a «Send» transaction because the scammer’s address may be tailored to look similar to the target’s.
The overall aim remains to trick the user into mistakenly copying the scammer’s address and sending funds to theirs rather than a legitimate one.
In this light, Ledger warns users that if they receive a dust SOL transaction, they should not click on any link in its memo because it could be malicious. They are also advised not to share their 24-word recovery phrase with anyone.
Users who receive dust SOL tokens should avoid interacting with the undesired tokens. They should not attempt to transfer or send the unwanted tokens to another account or burn address since doing so might activate the malicious smart contract associated with the tokens.
Instead, to hide the token balance from the display, right-click on it and select Hide Token from the menu.
While address-poisoning cannot be prevented, it can be readily defeated by following best practices while sending and receiving cryptocurrency. Users should avoid just grabbing deposit and destination addresses from the transaction history.