NFT: beware of scams

The NFT market started to gain momentum in 2020, growing more than 300% over the previous year and representing millions of dollars worth of cryptocurrency. During the first week of May 2022, sales of these tokens plummeted by 92% compared to last September. However, the market is still generating the equivalent of millions of dollars, raising many concerns about the safety of this asset. If a thief used to have to break through a museum’s security to steal a work of art, a digital wallet can be accessed using malware or social engineering.

When digital artist Qing Han passed away in 2020, scammers took the opportunity to sell his artwork in his name as NFT. Last September, famed graffiti artist Banksy had his website hacked and posted an ad for the sale of what should be his first NFT; a collector paid $336,000. The NFT market offers opportunities for many scams:

Discord scam: The chat platform is divided into communities called servers where people can talk, stream and play games together. Last December alone, 373 members of a Discord server run by gaming marketplace NFT had their digital wallet authentication compromised, losing a total of $150,000. Another scam on Discord is sending DMs that trick users into thinking they are actually being contacted by a brand, artist, or influencer. Don’t be surprised by NFT projects without verifying that the offer is legit.

Fake profiles on social media: Beware of possible fake profiles. Often these are copies of real profiles, and you only need to look closely at the details to tell fake from real. You should also be wary of bots that invite users to comment on posts; using social media to communicate with them and request information that can give them access to crypto wallets.

Phishing Fraud: Replica NFT marketplaces or fake crypto wallets are shared on Discord, Twitter, and forums, as well as via email. The level of resemblance to real companies is impressive, and it takes a keen eye to spot minor differences in the URL or overall layout.

Stage name impersonation: In addition to Banksy and his fraudulent website, other artists have experienced similar situations. Tyler Hobbs, the artist behind the Art Blocks project “Fidenza”, has denounced the SolBlocks platform for using his code to sell replicas of his works. Derek Laufman’s artwork was also sold through a fake account using the artist’s name, and even got a verified icon.

Pump-and-dump scam: The type of scam closer to NFT speculation involves an individual or group of individuals buying a large number of NFTs (or cryptocurrency) and reselling them to artificially create the false impression that there are many demand is for the asset. In this way, market forces will increase resale profits. On the buyer side, this pattern seems to be validated by influencers sharing the NFT on their profiles, making it a great opportunity. Ultimately, these buyers expect to resell at a higher price, which never happens.

Pulled Carpet Scam: Scammers promote a project, solicit investment, and give up without notice. This usually happens once they think they have “completely exhausted investors”, remove all funds from an NFT wallet and remove their profiles from markets and social media.

Auction Scams: Fake NFT auctions are one of the most common scams. These occur when a real seller tries to auction an NFT. The seller specifies the cryptocurrency they want to get paid in, but a scammer can successfully change the currency of their offering to one of lower value. It can also work by adding and removing an NFT quote from a market by moving the decimal number one to the right. Without noticing the change, a buyer could end up paying much more than the amount originally planned.

Hacking Social Media Accounts: Fake offers and giveaways are a great way to pique user interest. Surprisingly, they can even come from established user accounts. However, the reality is that quite often these accounts have been hijacked by scammers to promote fraudulent schemes. Once a user tries to access the bogus offer, they are prompted to enter their password or personal information and provide their contact details and receive nothing in return.

Fake Mints: In these schemes, scammers drop NFTs into influencers’ wallets, making it look like the celebrities actually minted the NFTs on the blockchain. Indeed, many buyers monitor specific portfolios for new activity in anticipation of massive interest and an increase in the value of an NFT. According to OpenSea, the largest NFT marketplace, more than 80% of NFTs made for free on its platform are fake, plagiarized by other artists, or spam.

There are plenty of scams to watch out for when diving into the world of NFTs, and as usual, scammers never pass up an opportunity to make money. It is therefore important to always be alert.

By Benoit Grunemwald, Cyber ​​Security Expert, ESET France.

Leave a Comment