When checking your wallet's transaction history, you suddenly notice a 0 USDT transfer you never initiated, from an address whose first and last few characters look almost identical to one you frequently use — this is a classic "zero-value transfer attack," also known as a zero-amount transfer scam. This attack method began appearing at scale in 2023 and continues to cause losses today.
How Does a Zero-Amount Transfer Attack Work?
This attack exploits a characteristic of ERC-20 token contracts: the transferFrom function can execute successfully even when the approval amount is 0, but only transfers 0 tokens. The attacker follows these steps:
Step 1: Monitor target addresses Attackers use automated scripts to scan the blockchain for large transactions and identify active addresses.
Step 2: Generate look-alike addresses Using vanity address generators, they mass-produce addresses whose first and last few characters match the target. For example, if your address is 0x1234...abcd, the attacker creates 0x1234...abce.
Step 3: Send zero-amount transfers The attacker sends 0 USDT from this look-alike address to you. This transaction appears in your history, looking like an address you previously transacted with.
Step 4: Wait for you to fall for it When you next need to transfer, if you copy an address from your transaction history, you might accidentally copy the attacker's address instead. Once you confirm the transfer, assets go straight to the hacker's wallet.
Why Does This Attack Succeed?
Its success relies on common user habits:
Habit 1: Copying addresses from transaction history Many people don't fully verify addresses — they copy "familiar-looking" ones from history. Attackers exploit exactly this.
Habit 2: Only checking the first and last few characters Most wallets and explorers only display the first 6 and last 4 characters (e.g., 0x1234...abcd). The attacker's look-alike matches these visible portions perfectly — only the hidden middle portion differs.
Habit 3: Ignoring unusual transactions Seeing a 0-amount incoming transfer, many people dismiss it as a system glitch or airdrop test.
Real Victim Cases
In May 2023, a user lost $20 million in USDT due to a zero-amount transfer attack. The user copied a "familiar-looking" address from their transaction history for a large transfer, but it was actually the attacker's carefully crafted look-alike. The transaction was irreversible once confirmed.
Similar cases continue to occur across various chains, with single losses ranging from hundreds to millions of dollars.
How to Protect Against Zero-Amount Transfer Attacks
Method 1: Use the address book feature Most wallets and exchanges have an "address book" or "whitelist" feature. Save your frequently used addresses and always select from the book instead of copying from transaction history.
Method 2: Verify the full address Before every transfer, carefully check every character of the full address — not just the first and last few. Verify at least the first 10 and last 10 characters.
Method 3: Send a small test amount first Before large transfers, send a small amount (like 1 USDT) to the target address and confirm receipt before sending the rest. One extra gas fee can prevent massive losses.
Method 4: Ignore unknown incoming transactions If you see incoming transactions you didn't initiate, never copy any address from those records.
Method 5: Use address labeling tools Some wallets and explorers support address labels. Tagging your common addresses makes it visually easy to distinguish real from fake.
Safety Tips
While the technique is simple, it exploits human carelessness. Prevention depends on good habits:
- Never copy addresses directly from transaction history: Use address books or manual input
- Test with small amounts before large transfers: Confirm the address is correct first
- Verify the full address: Don't just check the first and last few characters — verify at least 20 characters
- Stay vigilant: Be suspicious of unknown incoming transfers in your history
- Use the latest wallet version: Some wallets now hide or flag zero-value transfers
- Enable transaction alerts: Set up notifications to catch unusual activity
Exchange transfers typically have additional protections like address whitelists. Binance — experience safer transfer workflows. You can also download the Binance app (Apple users, see the iOS installation guide) for convenient management.
Will a Zero-Amount Transfer Harm My Wallet?
No. The transfer itself causes no asset loss — it only leaves a record in your transaction history. Losses only occur if you mistakenly copy the attacker's address and send funds yourself.
Can I Block Others from Sending Zero-Amount Transfers?
No. Blockchain's open nature means anyone can send transactions to any address (including zero-amount ones). You can't prevent these transactions, but good habits will keep you safe.
Does Only USDT Get Targeted by Zero-Value Attacks?
No. Any ERC-20 token can be targeted. USDT is the primary target because it's the most widely used stablecoin.
Can This Attack Happen When Withdrawing from an Exchange?
Exchange withdrawals require you to manually enter or select from an address book — they don't display on-chain zero-value records. The risk is relatively lower, but always verify addresses carefully.