Ethereum Transaction Records May Be Driven by Scam Activity Rather Than Real Users

TLDR

• Ethereum recorded nearly 2.9 million transactions in one day last week, setting an all-time high for onchain activity.
• Research shows roughly 80% of new Ethereum addresses are linked to address poisoning scams using tiny stablecoin transfers under $1.
• Address poisoning attacks use fake wallet addresses that look similar to real ones, tricking users into sending funds to scammers.
• Lower transaction fees since the Fusaka upgrade in December have made mass spam attacks cheaper to execute.
• ETH price remains around $3,180, down 0.7%, suggesting the transaction surge does not reflect genuine user demand.

Ethereum reached record transaction levels last week, but the data behind those numbers raises questions about what is actually driving the activity. The network processed nearly 2.9 million transactions in a single day. ETH price action tells a different story than the transaction data suggests.

Ether was trading around $3,180 on Monday, down roughly 0.7% on the day. The price movement shows ETH lagging behind the broader CoinDesk 20 index. Average transaction fees stayed near recent lows while validator exit queues dropped to zero.

Onchain researcher Andrey Sergeenkov found evidence pointing to large-scale address poisoning campaigns. These scams flood wallets with tiny stablecoin transfers called “dust” to plant fake addresses into transaction histories. The goal is to trick users into sending real money to scammer-controlled wallets.

Address poisoning works by creating wallet addresses that look nearly identical to legitimate ones. Scammers then send small stablecoin transfers, often worth less than $1, to potential victims. These dust transactions insert fake addresses into a user’s transaction history.

Wallets typically display only shortened versions of addresses, showing just the first and last few characters. When users copy an address from their history without checking every character, they can accidentally send funds to the attacker’s lookalike address. What seems like routine activity can turn into real financial losses.

Stablecoin Activity Shows Unusual Patterns

Sergeenkov’s analysis reveals that stablecoins account for roughly 80% of the unusual growth in new Ethereum addresses. Looking at first-time stablecoin interactions, about 67% of newly active addresses received less than $1 as their initial transfer. This pattern matches automated dusting rather than normal user behavior.

The research examined roughly 5.78 million addresses in total. Out of this sample, about 3.86 million addresses received what Sergeenkov classifies as poisoning dust as their first stablecoin transaction. The data shows a clear pattern of mass automated activity.

Sergeenkov tracked USDT and USDC transfers under $1 to find the source. He isolated senders that distributed dust to at least 10,000 unique addresses. The largest operations were smart contracts that sent tiny stablecoin amounts to hundreds of thousands of wallets.

These contracts used a specific function designed to fund large batches of poisoning addresses in a single transaction. The addresses then spread across the network, inflating transaction counts and new address creation. This activity creates conditions for copy-paste errors that can result in real losses.

Lower Fees Enable Mass Spam Campaigns

The timing of this activity connects to recent network changes. Transaction fees dropped sharply since early December following the Fusaka upgrade. Lower fees have made it cheaper to send millions of low-value dust transfers across the network.

Attackers can now run address poisoning campaigns at scale because the cost per transaction has fallen. What was once an expensive scam relying on a few large mistakes has become economically viable. The lower barrier to entry allows scammers to spray dust transfers widely and profit from increased attempts.

The context changes how to interpret Ethereum’s record metrics. Low fees and smooth throughput show the network can handle high transaction volumes. But these same conditions make spam cheaper to execute on a large scale.

If a large portion of activity comes from low-value automated attacks, then rising transaction counts say less about actual demand. The numbers become less meaningful as indicators of network health or user adoption. Markets appear to recognize this disconnect between transaction volume and fundamental value.

ETH price remains relatively flat while transaction counts hit all-time highs, suggesting investors are not convinced by the raw numbers alone.

The post Ethereum Transaction Records May Be Driven by Scam Activity Rather Than Real Users appeared first on CoinCentral.