If you're unable to copy the correct address from MetaMask, see below for a potential explanation.
In MetaMask, you can simply copy the public address to an account by clicking on it.
To access additional information about your account, see instructions here.
When you hover over the account label, the message “Copy to clipboard” should appear.
Tap on the shortened address below the account label; you may have to tap several times. This will copy the account's address to the clipboard.
Why is my device copying the wrong address?
If you are suspicious that following the above steps is copying a different address to your keyboard than the correct one—your account's actual public address—you may be the victim of a clipboard hack.
In short, this is when a malicious actor installs a script on your device through some kind of malware/spyware. When such scripts are designed specifically to scam crypto users, they scan new additions to your clipboard continually, looking for public addresses. When they identify them, they will replace the address you actually copied with one the script is programmed to insert.
When you next attempt to send a transaction, the malware will intervene and insert its own address, potentially resulting in you irretrievably sending funds to a hacker's wallet. This is why it's always a good idea to double-check recipient addresses after you paste them.
How do I identify and address a clipboard hack?
Open your device's default text editor. On desktop, this will be Notepad for Windows devices and TextEdit for Mac. If you're using MetaMask Mobile, use your device's native note-taking/text editing app (such as Notes on iOS).
Now try this:
- Open the text editor and write anything, and then try copying and pasting this text within the same file. This should hopefully confirm that copy and paste is working correctly on your device.
- Copy your address from MetaMask and paste it into the text editor. Do the pasted address and your actual address match up?
If they don't correspond, you need to scan your device for potential malware/spyware/viruses. The methods for doing so vary considerably depending on your device, so please check with your manufacturer or OS provider.
Here are some starting points:
- Apple Support: Protect your Mac from malware
- Microsoft Support: Stay protected with Windows Security
- Google Support: Remove malware or unsafe software (Android)
Malware scanning is generally not possible on iOS due to its underlying structure. However, since App Store content is vetted so carefully, it is unlikely any malicious software can be downloaded by regular users.
Another important step to consider is to make sure your OS is completely up to date. New software versions often include security fixes that address the latest threats.
Whilst the method outlined above may help identify clipboard hacks, it may not work in all cases. Hackers are, naturally, continually improving the sophistication of their attacks to stay ahead of the curve; in some cases, the method above won't be enough to identify whether your device is affected. It's possible that the script may be advanced enough to recognize the location you're pasting into, and simply lie dormant until it spots that you're actually pasting an address into MetaMask, or any other wallet or dapp.
This is why we can't emphasize enough: get into the habit of always checking the addresses you paste. Even just a quick scan—double-checking that a handful of characters at the beginning and end of the address are correct—is enough.