imToken Wallet Website | imToken 2.19.0: Stronger Protection Against Address Poisoning | World-renowned digital asset management tool, supporting Bitcoin, Ethereum, DOGE, Vaulta, Cosmos, Litecoin, TRON, BCH, Nervos, TON and other blockchains.

According to a report from Blockaid, on-chain address poisoning attempts increased from 628,000 in November 2025 to 3.4 million in January 2026—a 5.5x rise in just two months.

Beyond the sheer scale, attack methods have become increasingly deceptive. Take the December 2025 "$50M USDT Loss Incident" as an example: even though the user followed the common practice of testing with a small amount, the attacker precisely timed their move, misleading the final large transfer by injecting a lookalike address into the transaction history

In response to these evolving threats, the imToken 2.19.0 risk control system has been upgraded with three specialized features to better defend against address poisoning attacks.

1. Copy Address "Firewall": Blocking Phishing at the Source

Most address poisoning attacks succeed because users habitually copy addresses directly from their transaction history.

To combat this, imToken has added a security prompt to the "Transaction details" page. When a user attempts to copy an address, a pop-up alert will guide them to re-verify the characters (focusing not just on the prefix and suffix, but the middle characters as well), reducing errors caused by visual similarity at the source.

2. Risk Alerts: Exposing Hidden Dangers

To address high-frequency and stealthy malicious transactions, imToken now provides real-time monitoring of suspicious transactions.

Whether you are viewing "Account activity" or "Transaction details," the system will trigger "Risky" warnings in real time upon detecting suspected scam addresses, helping you prevent losses at critical moments.

3. Smart Filtering: Keeping High-Risk Transactions Out of Your History

To address malicious airdrops and spam transfers containing deceptive memos, imToken has introduced a "Hide risky transactions" feature, enabled by default. The system automatically filters and hides Level 3 (High-Risk) transactions and notification, ensuring you don't accidentally click on phishing links embedded in your transaction history.

If you need to view your full history, you can manually toggle this feature off via My Profile -> Settings -> Hide risky transactions.

Currently, the features above only support Ethereum and Tron accounts. More will be added soon.

Summary

In the Web3 world, security is always the top priority. We recommend updating to the latest version immediately to enjoy enhanced asset protection.