GoPlus Security: A user mistakenly transferred 100,000 DAI due to an address poisoning attack.

GoPlus Security reported that a user fell victim to a typical address poisoning attack: the user mistakenly sent 100,000 DAI to a spoofed address after copying a visually similar address from their transaction history. In this incident, the user had previously sent 300,000 DAI to the legitimate target address; the attacker then sent 0.0003 DAI to the user from a malicious address with characters nearly identical to the legitimate one—before and after the address—thereby tricking the user into selecting the wrong address during their subsequent transfer. GoPlus Security advises users not to copy wallet addresses from transaction history, always verify the full address before sending funds, and conduct a small test transaction prior to any large transfer.