Meet Ledger Nano™ Gen5, the most playful signer yet

Discover now

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

Zero-Value Transfer Scam

Jul 29, 2025 | Updated Jul 29, 2025
A zero-transfer phishing attack is where attackers send users transactions with no value to trick them into copying fake wallet addresses.

What Is a Zero-Value Transfer Scam?

A zero-value transfer scam, also known as a zero-transfer phishing attack, is a fraudulent technique that exploits how users typically copy and paste cryptocurrency addresses. It is an advanced form of address poisoning that involves attackers creating fake addresses that closely resemble legitimate ones from the victim’s transaction history, then sending zero-value transactions to place these fake addresses in the victim’s wallet activity.

The attack takes advantage of the fact that crypto wallet addresses are long strings of random characters that users typically copy from their transaction history rather than type manually. When victims look for a familiar address to reuse, they may accidentally copy the attacker’s fake address instead of the legitimate one, sending their funds directly to the scammer.

These attacks are prevalent on Ethereum Virtual Machine (EVM) compatible networks like BNB Smart Chain and Polygon.

How Does a Zero-Value Transfer Scam Work?

The attack begins when scammers monitor blockchain activity to identify potential targets and analyze their transaction patterns. Generally, they target users who regularly send transactions to the same addresses.

Then, the attacker creates a vanity address that matches the first and last few characters of a legitimate address the victim has used before. Most users only check the beginning and end of addresses when verifying them, and many wallets hide the middle characters, making these fake addresses appear legitimate at first glance.

The scammer then sends zero-value transactions from these fake addresses to the victim’s wallet. These transactions cost very little in network fees but appear in the victim’s transaction history alongside legitimate transactions. When the victim later wants to send funds to what they think is a familiar address, they scroll through their history and may accidentally copy the scammer’s fake address.

Once the victim sends a transaction using the fake address, their cryptocurrency goes directly to the attacker with no way to recover it due to the blockchain’s immutable nature. Users can protect themselves by always verifying complete wallet addresses before sending transactions, being suspicious of unexpected zero-value transactions, and using a new address to send crypto whenever possible to avoid scammers tracking your crypto transaction history.

Ethereum Treasury

An Ethereum treasury is a corporate strategy of holding Ether (ETH) on the balance sheet as a productive asset to generate yield.

Full definition

Hardware Wallet

A hardware wallet is an external, physical device designed to securely store a user’s private keys offline.

Full definition

Sidechain

A sidechain is a secondary blockchain that works alongside a Layer 1 blockchain to improve scalability and functionality by reducing congestion on the main network.

Full definition

Own your crypto future

Stay informed with security tips, updates, and exclusive offers from Ledger

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time. Learn more

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.