This article is from Trend Micro.
It seems that everyone is talking about NFTs lately. Have you caught on to the trend? They’ve exploded and redefined the art market A LOT recently with tons of people getting super excited about them, but scammers have also been getting excited — about the prospect of scamming lots of people with NFT-related scams!
In this post, we introduce some of the most common NFT scams and share some tips to avoid them. Check it out!
Non-fungible tokens (NFTs) are artworks (physical or digital) with digital signatures that represent their ownership. They can be viewed as digital assets and can be used as real money, like cryptocurrencies (Bitcoin, Ethereum, etc.). What’s different is that each NFT is UNIQUE and can’t be replaced or reproduced, and that’s why they’re now popular among art enthusiasts, gamers, and those involved in real estate.
If you’re interested in investing in NFTs, the first thing is to find out WHERE you can buy and sell NFTs. When searching online, you’ll be flooded with millions of search results, but there are many fake NFT trading websites among them. It can be hard to tell these scam websites apart from genuine ones as they often look extremely alike.
First of all, there are no legitimate NFTs on scam sites, so if you purchase one, you are just throwing your money away. What’s worse, scammers can record all the credentials you submit on the sites. Normally you only have to provide your MetaMask wallet address to make transactions, but scammers may request for the seed phrase of your Ethereum wallet (the master key to your cryptocurrency wallet) and use it to hack into your wallet and steal all your cryptocurrency.
The easiest way to stay safe is to choose legitimate NFT trading websites. There are lots of different types of NFTs — there are ones relating to sports, video games, real estate, and lots more. Besides the most famous NFT trading platform OpenSea, here are some other legitimate NFT marketplaces/NFT collectible websites:
Super Rare
Foundation
Nifty Gateway
Rarible
Zora
Mintable
Axie Infinity
Street Fighter
Myth.Market
Treasureland
Impersonating famous NFT trading platforms, scammers send you fake emails claiming that someone has made an offer for your NFT. They prompt you to click on an embedded button:
Like all the other phishing scams we’ve reported on before, the button leads to a phishing website. The fake page will ask you to link your wallet and submit your seed phrase/recovery phrase. Scammers can record the credentials and hack into your wallet and steal everything you’ve got!
Besides fake offer email notifications, fake customer service/technical support is also a common scam tactic.
Imagine encountering some technical problems and seeking help on Discord. Someone who claims to be from OpenSea then comes to your rescue.
The fake support agent (the scammer) may ask you to share your screen to check what’s going on, making you inadvertently reveal your cryptocurrency wallet’s credentials. When you do so, they can take screenshots of your seed phrase (the recovery key to your wallet) or the QR code linked to it. Or, the scammer could redirect you to a website that looks like the official OpenSea website and coerce you into entering detailed personal information there. You know what will happen next. Don’t fall for it!
In some other cases, scammers send you fake security alerts about your OpenSea account/NFT collection. Again, they try to prompt you into clicking on the embedded phishing link. Don’t get tricked!
Posing as employees from famous NFT trading platforms, scammers contact you via social media (e.g. Discord or Telegram), saying they are holding giveaway campaigns. They promise you free NFTs as long as you spread the giveaway messages and sign up for the campaigns — through scam/phishing NFT websites! When you try to link your MetaMask wallet, your credentials will be stolen.
Many new NFT projects appear every day, for example, Squid — a new digital token for the world-famous Netflix series Squid Game. However, after its price reached its peak, it turned out to be a “rug pull” scam — the creation of an NFT that can’t be circulated. Owners can’t re-sell the tokens, making their prices plummet in a short time. In such schemes, the only ones who profit are the creators of the digital tokens.
In other cases, such scams are committed by romance scammers. Romance catfishers try to lure you into investing in some NFT projects. They might send you links to fake NFT websites, or ask you to wire them money. Be careful!
1. Check the price. If the offer of an NFT on a site is much lower than that on legitimate websites like OpenSea, it’s probably a scam.
2. Check verification marks. Most legitimate NFT sellers will have a blue checkmark beside their usernames, and the properties of the collection will be listed clearly.
3. Check the contact address. It should specify where the NFT was minted. You can check the creator’s website to make sure the information is genuine.
4. Turn to the official customer service of the NFT trading sites for help instead of someone who contacted you via social media.
5. Be smart with your wallet credentials and NEVER share your seed phrase (recovery phrase).
6. Use legitimate wallet apps and browser extensions to avoid phishing. There are lots of malicious apps impersonating official ones.
7. Use strong passwords and enable two-factor authentication (2FA) to protect your accounts. Try Trend Micro™ ID Security to monitor your personal information with ease.
8. Never click on links or attachments from unknown sources. Use Trend Micro Check to check if a website is secure (It’s free!)
1. After you’ve pinned the Trend Micro Check browser extension, it will block dangerous sites for you automatically:
2. Send suspicious links to Trend Micro Check on WhatsApp for immediate scam detection.
9. Add an extra layer of protection to your device with Trend Micro Maximum Security. It includes Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection to help you combat scams and cyberattacks.
Click the button below to give it a try:
If you found this article helpful or interesting, please SHARE it to help protect your friends and family!