Just hours later, the trader repeated the same mistake, sending another $1.7 million to the same fraudulent address.
When the user later attempts to copy a recipient’s address from that history, they will likely select the malicious version and unknowingly send funds to the scammer.
These exploits are increasingly common as attackers target crypto users through subtle, low-effort techniques that rely on user error and interface habits.
The victims are then instructed to call a support number in the message. When they do, they’re connected to a fake agent who directs them to a phishing website. On the website, users would be asked to input their recovery or mnemonic phrase, giving hackers full access to their crypto wallets.
Considering this, SlowMist strongly advises crypto users to avoid sharing recovery phrases, ignore unsolicited texts or calls, and verify all communications through official websites or apps.
