Dust transactions do not threaten your funds directly. Receiving unsolicited micro-amounts of crypto is not a hack. No immediate action is required — but knowing what to do keeps you safe.
What is a dust attack?
A dusting attack is when an attacker sends tiny amounts of cryptocurrency — fractions of a cent, often called "dust" — to a large number of wallet addresses. The dust itself is worthless. What the attacker is after is your behavior: if you move that dust, your wallet gets linked to other addresses you control, which can be used to de-anonymize you or target you for follow-up scams.
On BNB Smart Chain and Ethereum, this often takes the form of fake tokens with names impersonating well-known projects — designed to look like legitimate airdrops in your transaction history.
How to recognize a dust transaction
You receive a tiny amount of an unfamiliar token you never requested
The token name closely mimics a well-known project but comes from a different contract address
The block explorer flags the contract with a spam or phishing warning
The token has a very short deployment history and no legitimate liquidity
Always verify a token's contract address against the project's official website. A matching name is not enough.
What to do when you receive dust
Do not move the dust. Transferring or swapping a dust token links it to your other addresses
Do not interact with any site the token points to. Many dust tokens include metadata pointing to a phishing site
Check the contract on the block explorer. Search on BscScan, Etherscan, or Tronscan — if a phishing warning is displayed, it's dust
Hide the token in Trust Wallet. Long-press the token and select Hide. This removes it from your view without interacting with the contract
⚠️ Never enter your secret phrase, connect your wallet, or approve a transaction on any site linked from a dust token.
In the picture below is shown a token reported to have been used to mislead people into believing it was sent from well-known addresses and may be spam or phishing. Please treat it with caution.
How to protect yourself going forward
Keep your wallet address private — the fewer places your address is publicly shared, the less likely it appears on attacker distribution lists
Never share your secret phrase — dust attacks are sometimes a precursor to social engineering
Keep Trust Wallet updated — the latest version includes the most current token denylist from Blockaid

