NFT scammers are smart and evolving just as fast as the industry is. It’s a little like a digital wild west out there–so here are some tips to protect your assets.
One of the biggest concerns for beginners in the NFT space is getting scammed. Newbies aren’t the only ones getting hacked and scammed, however–even seasoned pros can fall victim to the creative and innovative ways that scammers are invading the NFT world.
Just like any other investment, protect your assets first. It’s worth looking into very carefully before opening your wallet. Here’s a quick guide to look over when it feels like a new investment opportunity is a little too good to be true.
NFT scammers work by either stealing your crypto wallet login info or tricking their victims into believing they have successfully purchased or sold a legitimate NFT or asset. There are many ways they can do this, and we’ve broken down a list of the types of scams that are common in the NFT arena.
IMPERSONATION NFT SCAMS
These types of scams are popular in every corner of the NFT space. Scammers will impersonate popular NFT influencers and sites to lure in victims.
- Fake NFT webpages. Scam artists can create detailed copies of popular NFT webpages that look real. Scammers have the uncanny ability to replicate popular NFT websites and marketplaces so that the logins look the same, and users end up entering their login info on a false site.
- Always verify the URL before entering any information. These sites usually ask for your login info–even using fake MetaMask logins to store your information.
- Airdrop scams. It’s no secret that big brands and NFT makers have airdropped NFTs to lucky holders. Scammers take advantage of this and post links asking you to give some sort of password or seed phrase away. Don’t ever enter your seed phrase anywhere outside your wallet.
- Be wary of incoming Discord DMs. Discord is a common place for scams to occur. Scammers will use the same profile photo as popular influencers–here is an example. Always check your DM history, and never click on unfamiliar links.
- Twitter impersonations. Always look for the blue checkmark for popular accounts of influencers or artists. If someone promises to buy your NFT (this is especially true for new artists and holders alike), NEVER sign up for any new sites to exchange an item before someone agrees to buy something.
- Email scams. Clever scammers will create emails from sites like OpenSea that look legitimate. Using the same level of detail as they would for a fake NFT webpage, hackers create an online profile to convince people of their credibility and sell them fake artwork.
BIDDING NFT SCAMS
These types of scams can happen during a legitimate sale of an NFT, but sneakily tricks the holder into buying the NFT for less, simply by switching up the details before the transaction occurs.
- Currency switch. Bidding scams can happen once a holder attempts to resell an NFT. Someone posing as an interested buyer will put in a high bid–then at the last moment, they switch out the currency you use for one that is valued lower. Always cross-check your currency.
- Decimal point changes. This can also happen when scammers will re-list their offer, changing the decimal point to the right by one place. Sometimes the platform won’t register the change for up to half an hour–and if you aren’t paying attention, you can get robbed. Here is an example.
COUNTERFEIT NFTS AND FAKE PROJECTS
Plenty of NFT traders have fallen victim to this type of scam. Earlier this year, unverified artworks of Bansky-styled NFTs were sold for around US$1 million worth of ETH.
- Fake Mints. Scammer developers will send these types of NFTs to popular influencers, then link back to make it look like they were the ones that minted it. Always check the mint addresses of popular creators.
- Rug Pulls. These can sometimes be hard to spot until it is too late. The ‘Evolved Apes’ project is a recent example where the creator simply disappeared with US$2.7 million. Startups will gather public investment money, then take it and disappear. Another example is 2021’s “squid coin” fiasco, which saw US$3.3 million dollars of investor money vanish.
- PUMP AND DUMP. These types of scams originated with the stock market, in which clever scammers would artificially drive up the cost of a stock, grabbing other investors along the way, hence the term “pump”. The “dump” portion occurs when the scammers dump the stock, cashing out their money and running, driving the cost back down again. A good way to avoid this is to check the investor list. A real project should have a large range of buyers. A small handful that are buying and re-selling is a huge red flag.
NFT SCAM SUMMARY
Here are our cold-hard tips for avoiding scams. It’s okay to not know if it’s real or not–but we’d prefer if you looked at this list before taking action.
- Never believe a DM from someone saying they’ll buy your art if you do “x”. Never sign up for a site to accept an offer.
- Keep most of your assets in a “cold wallet” that you don’t use regularly. If your wallet with the amount of money you’d use to buy an NFT gets hacked, it’s a smaller loss.
- Use an encrypted password manager.
- Use a hardware wallet. More info here.
- Verify accounts, sender addresses, and URLs.
- Never sign up for a website in exchange for a sale.
- 2-factor authentication via mobile phone could pose a security risk. If hackers can get into your email, they’ll find your phone number and change your passwords
- Know how to spot a rug pull.
- Always check transaction history and cross-check NFT prices and currencies.
- Never accept bids lower than you originally intended.
- Never enter your seed recovery phrase outside of your initial wallet.
Protect yourself by being vigilant, and stay safe.