Ethereum's Fusaka update has significantly amplified address poisoning attacks.

The principle is simple but devastatingly effective: a bot detects your transactions and immediately generates a fake address resembling the one you just used. It then sends you a micro-transaction to pollute your history, hoping you accidentally copy the wrong address during your next transfer.

One user received 89 micro-transactions in less than 30 minutes after just two simple transfers. In December 2025, an investor lost 50 million USDT by falling into this trap. These figures are staggering, but they raise a much broader question.

If a major Ethereum protocol update can, even indirectly, multiply the effectiveness of such devastating attacks tenfold, who is responsible for protecting users?

The developers who design the updates? The wallets and interfaces that should better alert users to risks? Platforms like Etherscan that could filter dust transfers? Or the users themselves, who are expected to exercise near-professional vigilance for tasks as mundane as copy-pasting an address?

Mainstream adoption of crypto inevitably requires users who are less technical, less cautious, less informed. If simply copying an address from your history can cost millions, how can the ecosystem seriously claim to be ready for mainstream use?