4 NFT scams that newcomers should be aware of
Adrian Vidal/Getty Images/iStockphoto
In mid-July, Verified Market Reports stated that the global NFT market had reached nearly $11.32 billion and was on track to top $232 billion by 2030. With so much money changing hands, one thing is certain: You can trust that criminals try to steal as much of it as humanly possible.
Here it is: Our spotlight for small businesses in 2022
See our list: 100 Most Influential Money Experts
In early 2022, Rolling Stone reported that “NFT scams are everywhere” and the smart move is to “assume everyone is a scammer until proven guilty.”
Rolling Stone was actually late to the game. Industry insiders have been warning NFT traders about the prevalence of digital fraud since the dawn of the blockchain industry.
If you are involved in NFTs, or if you are considering getting involved, these are the most common scams to watch out for.
The old Pump-and-Dump stock scam is now called the Rug Pull
Alternatively known as “pump and dump” – a scam with a long history on the stock market – rye-pull scams are a trap where crypto developers lure early investors with misleading information about a nascent NFT project’s potential. When the NFT’s price hits a certain ceiling, the developers siphon all the money out of the ecosystem and disappear.
Take our poll: Do you think you’ll be able to retire at 65?
Rug pulls sometimes use social media influencers to lure victims. In January, CNBC reported that investors filed a class-action lawsuit accusing Floyd Mayweather and Kim Kardashian of artificially inflating the price of a cryptocurrency called EthereumMax — which is unrelated to Ethereum — and leaving investors with worthless crypto.
According to NFT Now, regulators hold NFT projects to the same standard as real estate, stocks or other investments. In the digital world, as on Wall Street, it is illegal to solicit funds for an investment project and then abandon it without reimbursing investors, keeping the money for yourself.
According to Chainalysis, rug-pull fraud is the bane of the industry, losing $2.8 billion worth of crypto and accounting for 37% of all crypto fraud revenue in 2021, up from just 1% in 2020.
Take a long, hard look at every NFT Airdrop you receive
On September 21, 2021, a Twitter user with the handle @babbler_dabbler tweeted that criminals had raided his digital wallet and stolen Damien Hirst’s “The Currency,” an NFT worth more than $41,000 at the time.
According to Blockcast, @babbler_dabbler was the victim of an airdrop scam, a type of scam that emerged from the DeFi field and is now common in the NFT world.
In this type of scam, users will receive tokens in their wallet that they have never heard of and did not ask for, often ending in .io.
There is nothing inherently suspicious about this. According to CoinTelegraph, unsolicited airdrops are an essential tool for NFT marketing and promotion that legitimate producers use all the time for non-proximate purposes.
However, in the case of airdrop scams, users are redirected to a third-party website when they try to collect NFTs or exchange them for crypto. There, they are rushed through a series of security/password recovery phrases that they must navigate before they can claim their prize. It’s the moment the victims inadvertently let the criminals into their wallets.
Remember phishing scams? They are back
Phishing has more than a quarter-century of history, dating back to when Usenet newsgroup AOHell coined the term on January 2, 1996, according to Phishing.org. It was always linked to email, but scammers have updated the classic scam for the blockchain age.
In November 2021, Check Point Research reported on phishing scams that stole nearly half a million dollars from the wallets of victims that criminals tricked with fake search engine ads that appeared to point to legitimate websites.
Just like with email phishing, NFT scammers tend to impersonate the biggest, most credible players in the industry, such as Phantom and MetaMask. When brands click on an ad, the link directs them to a fake website posing as legitimate sites where they can download digital wallets like Metamask or exchange currency on platforms like Uniswap or PancakeSwap.
Once on the fraudster’s side, victims are asked to enter their private wallet keys or 12-word security seed phrases – a red flag that should always raise suspicion – opening the door to digital robbery.
April fool — They’ve hacked the Discord bots
Like so many similar platforms, the social messaging site Discord uses helpful artificial intelligence devices called bots to perform tasks such as welcoming users, banning troublemakers and moderating discussions.
In April, NFT Now reported that hackers had hijacked the Discord servers for Nyoki Club, Bored Ape Yacht Club, and other popular NFT communities. Fittingly, the attack took place on April Fools’ Day.
The hackers commandeered the community’s bots and used them to trick users into clicking on malicious links that allegedly led to newly developed NFTs with exclusive rewards. However, the NFTs never existed, and the posts linked to phishing websites where buyers paid — tens of thousands of dollars, in some cases — for non-existent tokens.
More from GOBankingRates