On October 6, 2021, the US Department of Justice (DOJ) announced the creation of a National Cryptocurrency Enforcement Team to address the investigation and prosecution of cryptocurrency criminal abuse.1 As the market for non-fungible tokens (NFTs) continues to expand, the DOJ’s increased focus on cryptocurrency has begun to include NFTs. Just as with any other market, a particular focus of the DOJ’s efforts will be to identify and prosecute fraud. At the same time, fraud is becoming increasingly common in the NFT market.2 This article provides an overview of common fraud typologies in the NFT market and steps NFT market participants can take to protect themselves from becoming victims of fraud or inadvertently facilitating fraud.
Recent examples of fraudulent activity in the NFT market
The following recent examples show some of the NFT fraud typologies that have occurred to date:
- In August 2021, a fake Banksy NFT was sold for £244,000 on a now-deleted page on the artist’s website following a hack. After widespread press coverage, the hacker eventually returned most of the money to the buyer.3 In September 2021, allegations of insider trading rocked the NFT space after leading NFT marketplace OpenSea confirmed reports that an employee bought NFTs they knew would appear on the company’s front page before they appeared publicly only to resell them at a higher value after that the NFTs were featured on OpenSea’s website.4
- On January 10, NFT marketplace LooksRare launched as a competitor to OpenSea, attracting high volumes with its token incentives and trading rewards; However, on January 30, Cointelegraph reported that a very small group of traders who executed hundreds of thousands of dollars worth of trades between their own wallets reaped most of the trade rewards.5
- On January 15th, NFT artist Liam “Sharpy” Sharp announced that he would be shutting down his DeviantArt gallery due to the piracy of his NFTs and the cumbersome process artists must undertake to report all instances of piracy to the NFT platform .6
- Between January 23 and 27, a series of blockchain transactions show that cryptocurrency used to purchase an NFT of Melania Trump’s first official state visit came from a wallet belonging to the entity that originally listed the project for sale.7
- On January 24, Elliptic identified at least five attackers who leveraged still active old market placement ads to buy $1.1 million in NFTs from OpenSea users – well below market value – and later sold them for multiples of the purchase price. At least one of the attackers sent his profits through a mixing service.8
- On January 27, VICE reported that some NFTs on OpenSea used custom code to capture viewers’ IP addresses, potentially for the purpose of extracting other identifiable information about viewers.9
- On February 2, Chainalysis published a study reporting that NFT washer traders made nearly $8.9 million in profits, likely from sales to unsuspecting buyers who thought the NFT they bought had grown in value. The study also reported that $2.4. millions from illegal addresses were sent to NFT marketplaces for money laundering purposes, including significant amounts of stolen funds – even those at sanction risk.10
- On February 11, NFT marketplace Cent announced that it is halting the sale of NFTs due to widespread NFT counterfeiting and plagiarism, and may introduce centralized controls as a short-term measure to reopen the market.11
- On 14 February, the UK government’s HM Revenue & Customs seized its first NFTs as possible proceeds of money-laundering methods in a suspected £1.4 billion value added tax (VAT) fraud in which two individuals attempted to reclaim more VAT than they owed by using stolen identities, unregistered phones and fake invoices to hide their identities.12
- On February 19, OpenSea announced that it was investigating a potential phishing campaign that took advantage of the planned smart contract upgrade to steal NFTs from at least 17 NFT holders.1. 3
- On March 24, the DOJ charged two defendants in connection with the execution of a $1 million NFT “rug pull” scheme. The defendants created and sold NFTs before abruptly abandoning the project, shutting down the website and withdrawing investors’ money just hours after the NFTs sold out.14
- On April 25, Cointelegraph reported that Yuga Labs, developer of Bored Ape Yacht Club NFTs, fell victim to hackers who breached its social media account and shared phishing scam links to a website used to steal NFTs from users who connected to MetaMask – their wallets. to the website. About 100 NFTs, with an estimated value of more than $40 million, were stolen during the attack.15
- On April 28, the Joint Chiefs of Global Tax Enforcement (J5), an intergovernmental organization dedicated to combating transactional tax crime, released an intelligence bulletin titled “J5 NFT Marketplace Red Flag Indicators” that provides guidance on NFT fraud indicators and how to improve fraud detection in the NFT market.16
- On May 11, securities regulators in five states filed an enforcement action against Flamingo Casino Club, a meta-war casino with alleged ties to Russia, ordering the casino to stop selling its NFTs. Among other things, the regulators alleged that Flamingo Casino Club sold unregistered “collateralized NFTs”, allegedly giving potential investors a share of the casino’s profits; used false information to hide the identity of the principals; and falsely claimed to have partnerships with and endorsements from various high-profile businesses, including a brick-and-mortar casino in Las Vegas.17
- On June 1, the DOJ published a press release announcing the dismissal of an indictment charging a former OpenSea employee with wire fraud and money laundering “in connection with a scheme to commit insider trading.” The indictment relates to reports confirmed by OpenSea in September 2021 alleging that the former employee used confidential information to purchase NFTs with the knowledge that the NFTs would in the future be featured on the NFT marketplace’s website as the NFT value was likely to increase. and the former employee would obtain a personal financial benefit.18
- On June 4, CoinDesk reported that Yuga Labs suffered a hack of its social media server, with hackers stealing roughly $360,000 worth of NFTs via a phishing scam posted on the social media channel.19
- On June 30, the DOJ announced criminal charges against a defendant who allegedly orchestrated an NFT rug-pull scheme by abruptly ending an alleged NFT investment project, deleting its website and absconding with investors’ money. The defendant and his co-conspirators allegedly laundered $2.6 million of investors’ funds through “chain hopping,” a form of money laundering in which one type of coin is converted to another and funds are moved across multiple cryptocurrency blockchains.20
Click here to continue reading. . .
Footnotes
1. Press Release, “Assistant Attorney General Lisa O. Monaco Announces New Cryptocurrency Enforcement Team,” Dept. of Justice, 6 Oct. 2021, available at
2. Chainalysis 2021 NFT Market Report,
3. “Fake Banksy NFT sold via artist’s website for £244k”, 31 Aug. 2021, available at
4. “Largest NFT Marketplace Admits Solution Was in Place, Surprising No One,” 11 Dec. 2021, available at
5.
6.
7.
8.
9.
10.
11.
12.
1. 3.
14.
15.
16.
17.
18.
19.
20.
The content of this article is intended to provide a general guide to the subject. You should seek specialist advice about your specific circumstances.