Fraud Detection & Compliance

Identify risky blockchain addresses before they impact your business. The Check Malicious Address endpoint verifies whether an address is associated with scams, stolen funds, or other fraudulent activity across Ethereum, Bitcoin, Litecoin, Solana, and Tron.

Ensuring that blockchain addresses are safe and compliant is critical for audits, regulatory requirements, and fraud prevention. Tatum’s Check Malicious Address endpoint allows you to verify whether a given blockchain address has been flagged for suspicious or fraudulent activity.

This includes addresses associated with:

  • DarkWeb assets
  • Scam projects
  • Stolen funds
  • Phishing, hacks, or money laundering

The endpoint uses data aggregated from standard on-chain analytics providers. The API response also includes the source of the malicious flag.

📘

Check malicous address (Popular🔥)

GET /v3/security/address/{address}
Check whether a given blockchain address has been reported as malicious..
Explore Docs →

Example cURL Request to Check malicious address

curl --request GET \
     --url https://api.tatum.io/v3/security/address/address \
     --header 'accept: application/json' \
     --header 'x-api-key: YOUR_API_KEY'
const options = {
  method: 'GET',
  headers: {
    accept: 'application/json',
    'x-api-key': 'YOUR_API_KEY'
  }
};

fetch('https://api.tatum.io/v3/security/address/address', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));

Sample Responses

Malicious Address:

{
  "status": "invalid",
  "address": "0x002bf459dc58584d58886169ea0e80f3ca95ffaf",
  "source": "CryptoScamDB",
  "description": "Trust trading scam site"
}

Valid Address:

{
  "status": "valid"
}

Practical Use Cases

  1. Fraud Prevention
    Automatically check incoming or outgoing wallet addresses to prevent sending funds to risky accounts.

  2. Regulatory Compliance
    Ensure wallets involved in business operations or audits have not been flagged for illegal activities.

  3. Due Diligence
    Integrate malicious address checks into customer onboarding or transaction monitoring workflows.

By integrating the Check Malicious Address endpoint, you can proactively identify high-risk addresses, mitigate fraud, and maintain compliance across multiple blockchain networks.

Fraud Detection & Compliance – FAQs

What is the Fraud Detection & Compliance API used for?

This API helps you screen blockchain wallet addresses for potential fraud, hacks, stolen funds, sanctions violations, or other illicit activity. It aggregates data from trusted intelligence sources to help wallets, exchanges, and fintech apps strengthen their AML and risk-monitoring programs.

Which blockchains are supported for address screening?

Tatum currently supports checks on major chains including Bitcoin, Ethereum, Litecoin, Solana, and Tron, with more networks being added over time. Any address on these networks can be evaluated for risk in a single API call.

What does the API response tell me about an address?

The response flags an address as either valid (clean) or invalid (malicious / risky). If malicious, it returns the data source (for example CryptoScamDB) and a short description of the issue such as “trust-trading scam” or “stolen-funds receiver”. This enables automated decision-making and transparent reporting.

How should I integrate malicious-address checks into my app?

Common patterns include:

  • Customer onboarding / KYC: screen new deposit or withdrawal addresses before first use.
  • Ongoing monitoring: run periodic checks on active counterparties and customer wallets.
  • Transaction blocking: prevent sending assets to addresses flagged as sanctioned or fraudulent.
  • Audit & reporting: log API responses as part of AML compliance records.
Does Tatum store or share the addresses I check?

No – Tatum does not persist or share the list of wallet addresses you screen. The service queries risk-intelligence providers in real time and returns the results without storing your address list.

How often is the risk-intelligence data updated?

Tatum synchronizes frequently with its intelligence sources so that new scam or sanction lists propagate quickly — typically within hours of discovery. Always re-check older counterparties periodically in case their risk status changes.

How do I combine risk checks with transaction or balance data?

Pair the Malicious Address Check with Transaction History to identify any past transfers to or from risky addresses. For audits, you can also combine it with Historical Balances or Portfolio Aggregation to see what share of a portfolio was exposed at a given time.

What are best practices for large-scale compliance screening?
  • Cache recent “clean” results to reduce redundant API calls.
  • Use batch or parallel requests for screening many addresses at once.
  • Re-screen active wallets periodically to catch newly-flagged addresses.
  • Log screening decisions with timestamps for your internal compliance audits.