Phishing scammers are defrauding NFT holders out of millions of dollars

• Crypto speculator ZachXBT has identified two scammers who defrauded NFT holders out of millions of dollars.
• The phishing scammers defrauded the owners of the Bored Ape Yacht Club and left a trail of transactions.
• As the Ethereum Merge approaches, NFT holders must beware of phishing scams in the Web3 ecosystem.

An analyst and investigator in the chain has tracked down two fraudsters who defrauded investors for their Bored Ape Yacht Club NFT. Fortunately, by following a few simple steps, NFT holders can stay safe from phishing scams and impersonators in the Web3 ecosystem.

Also read: Here’s what to expect from Bitcoin, Ethereum price as Thailand tightens regulation

Analyst uncovers phishing scammers defrauding users

Over the past year, fraudsters have become more creative when it comes to phishing users in Web3. ZachXBT, a chain analyst and investigator, concluded an investigation into NFT fraud and identified two phishing scammers from France who were scamming people out of millions of dollars worth of NFTs from their trail of transactions.

The two scammers claimed their first victim, Twitter user Dilly Dally for Bored Ape Yacht Club (BAYC) #237 after clicking on a link shared by a verified member of the BAYC Discord and authorizing a transaction on a website. The user was led to believe that clicking the link would produce an animated version of his monkey. Unfortunately, he fell victim to a scam and once the transaction was approved, he lost his NFT to the scammer.

BAYC #237

The scammer sold BAYC #237 for $178,000 (47 ETH). Phishing scams continued and another user, holder of BAYC #6166, was similarly scammed. The scammer made several other attempts to scam more BAYC owners on Twitter, sending them the same direct messages and a link to animate their NFT. The scammer sold BAYC #6166 for 74.5 WETH, almost $180,000.

The investigator identified the two fraudsters as Mathys and Camille from France. The two NFT holders are not the only victims of the fraudsters. The French fraudsters created phishing pages for Azuki, Sudoswap and Doodles, defrauding users of 497 ETH ($851,000) in cryptocurrencies.

Hacks are a growing concern for users, and Hong Kong has seen an increase in crypto scams in recent years. According to a recent report, crypto fraud in Hong Kong climbed 105% in the first half of 2022. The irony is that Hong Kong is considered the most crypto-savvy nation in the world.

How to protect NFTs from phishing scams

To protect against phishing scams, check URLs before opening them. Do not confirm or perform any activity related to clicking on links, which lead to your wallet if they are external and shared in a DM on Twitter or an email.

When a person, platform or service requests sensitive information, please confirm that you are on the correct URL or contact the customer support team. In case MetaMask wallets meet verifications through the official domain URL MetaMask.io, make sure you don’t click on sponsored ads.

If you are not aware of a site’s legitimacy, do not click on whitelist or airdrop links. Unless you confirm the source, check each URL for malicious intent. Ipqualityscore.com is one of several services that allow you to check URLs for malicious intent before you click on them.