Unrecognized Tokens or NFTs Received

Sometimes, you may notice unfamiliar history entries in your activity, such as "Received 0.1 ETHer" or "Received 1 NFT." This is spam sent unilaterally by bots and is a type of scam tactic known as "address poisoning."


Why Do They Arrive?

Since all transactions on Avacus are publicly visible on-chain, bots use this information to identify wallets that have recently transacted and automatically target them.


Purpose and Tactics

These scams primarily serve two purposes:

  • Phishing Enticement: They attempt to lure you into visiting a URL embedded in the token or NFT and connecting your wallet. This allows scammers to trick you into granting unauthorized withdrawal permissions (Approval) or stealing your private key.
  • Address Poisoning: Scammers slip a fake transaction record into your legitimate transaction history. The goal is to trick you into copying the wrong address from your history the next time you send funds.




Additionally, scammers give tokens deceptive names like "ETHer" to mimic real ETH. They want you to falsely assume you hit the jackpot so you will navigate to a fraudulent site to cash it out. Note that items flagged with warning labels such as "Fake_phishing" on Etherscan have already been verified as scams.


How to Respond

Simply ignore any unrecognized tokens or NFTs. The only effective countermeasure is to avoid opening any embedded links and never connect your wallet to external sites.

Verifying the contract address on Etherscan is also an effective way to handle suspicious tokens. While many tickers closely resemble ETH, USDT, or JPYC, the contract address starting with "0x" is entirely unique and cannot be faked.


Note on Avacus Design: Avacus is designed so that even if these worthless spam tokens are sent to you, they will not automatically display in your wallet or be calculated as part of your total assets.

Back to Issues & Warnings