knowing basics of how to mint and trade NFTs is not enough if you are truly ready to dip your toes into the waters and start acquiring your very first NFT! It is important you’re aware of the potential dangers associated with NFTs and take adequate cautions to safeguard your valuables from scammers.
Below are new NFT scams you should keep an eye out for:
One of the most rampant scams out there is replicating NFT project websites or popular marketplaces such as OpenSea. Often, unsuspecting users will be directed to link their crypto wallets to the fake website to mint or transact with an NFT. In most cases, the action will empty the funds from the users’ wallets, while the more “fortunate” users will end up paying for a fake NFT.
So, how can you avoid falling for this? Always double-check all the website links painstakingly before you click on them. The official links are usually shared in each projects’ locked Discord channels (e.g., Announcement or FAQ channels) or on their Twitter page.
Another good and cautious “mint habit” to foster is to glance through the comments on the project’s social channels as you prepare for a mint. Often, internet detectives will call out scams, and if you see any, it’s best to take a step back and investigate further and deeper. In situations where you are unsure but still insist on buying or minting an NFT in the hope of striking gold, link using a new wallet with just the right amount of funds needed.
Remember this simple rule: stay safe and always do your own research!
If something seems too good to be true, it probably is. The same saying also applies to NFTs, so don’t buy that 1 ETH CryptoPunk just yet! Be sure to check the NFT is indeed part of the authentic collection and not an imitation product.
Marketplaces such as OpenSea will mark most high-profile collections with a “Verified Collection” tag or badge. Some talented scammers attempt to replicate this by including the verified tick in the fake collection’s logo. One sure method to check is to hover over the blue tick on OpenSea, and the words “Verified Collection” should pop up clearly.
In cases where the “Verified Collection” tag is not available, it’s best to check the official websites and community channels of the NFT collection and see if the contract addresses match up with what you are buying.
Impersonation scams are ageless frauds that have been around for a long time and unfortunately, still very much prominent in the world of crypto. Scammers often impersonate the projects’ customer support team to prey on unsuspecting users in need of help. Usually, these are phishing attempts to get ahold of the targets’ personal details and sensitive information such as their wallet seed phrases.
Another common scam is fake giveaways that trick and entice users into connecting their wallets with a fake website or surrendering their private keys. If done successfully, the users’ funds will be at the mercy of the scammers, allowing them to drain all of the wallet’s assets.
Sophisticated hackers may even bypass security and take control of the project’s social media or Discord accounts. This essentially allows hackers to share fake “official links” in “official channels” that can dupe even the most careful users, as in the case of Beeple’s Discord group, which led to a user losing ~38 ETH.8 While there’s no sure-fire way to prevent such incidents, you can perform due diligence by cross-checking multiple sources (e.g., Twitter, Discord, Telegram, official website) before attempting to buy or mint any NFTs.
As you participate in more and more projects’ Discord groups, you will start to receive many unprompted direct messages (DMs) or spam from other users. Avoid clicking on links shared by other users, which is a method for scammers to share fake websites to phish for private keys. This was one of the methods that scammers used to trick users in Aurory’s high-profile NFT drop.9
One way to prevent this is to tweak Discord’s privacy settings to prevent direct messages from server members. By doing so, you will filter out all private messages from users who are not on your friend list.
While strictly not a scam, this is still a widespread phenomenon that both aspiring and veteran NFT collectors should note. It is common to receive multiple offers for your NFT, especially for popular collections or rare pieces. When you receive an offer for your NFT, pay close attention to the denomination of the cryptocurrency for the offer. Is the offer denominated in ETH, DAI, USDC, or some other tokens?
Take the below offer for Poet #3179, for instance. While 1.25 ETH might be a decent offer to consider for the NFT, 1.25 USDC is undoubtedly not. In this case, the bidder is hoping that the NFT owner mistakenly accepts the offer for a quick and easy profit, so watch out for these tactics!
As with many lucrative businesses out there, there will always be bad actors scheming to profit from our momentary lapse of judgment. In general, the same old cybersecurity practices should be applied with NFTs:
- Never reveal your wallet seed phrases,
- Verify and check the links you click on,
- Cross-check and verify information across multiple sources,
- Use a fresh wallet when connecting to dubious sites,
- Always do your own research.
In conclusion, know now and always that no matter technological advancements and growth in crypto space specifically, bad eggs would always find routes to exploit unsuspecting users. The bourgeoning NFTs world is never excluded from this occurrence. Hence always make sure you take all caution not to fall prey. We have however exposed their tactics that you should always watch out for, as you dive in into the world of NFTs. And once this is done, you’re sure to have a memorable smooth ride in the fast growing world of NFTs.