The NFT market is growing rapidly, with trade volumes in excess of several billion dollars, and it would be strange if fraudsters did not try their luck in this sector.
A hacker managed to outwit a gullible buyer and thus sell him NFT on behalf of the famous artist Banksy for $ 338,000. He later returned the money to the victim, but the story could have ended differently. In this article we will talk about the most common types of fraud on the market for non-interchangeable coins and how to avoid them.
Fake NFT support service
One of the most popular and widespread scams in this area is the fake NFT support service.
In it, fraudsters pose as employees of a popular platform such as OpenSea. In the course of communication with users of the service, they try to gain access to private keys or sell non-authentic non-interchangeable tokens. To do this, fraudsters create accounts in various messengers with names such as “OpenSea Support”. When the potential victim in the chat starts writing about any problems on the site, the hackers start acting.
A large number of fake support representatives have been registered in profile chats and communities such as Telegram and Discord. However, there are cases when they create their own channels in Telegram and present them as official on the market.
In order not to fall into this type of fraud, we need to ask specific questions about problems directly through tickets or accounts, which are listed on the official website of the project. The main thing is not to share information about your personal profile and private keys, because sales employees do not need them. In addition, before joining a crypto community, we need to make sure that it is credible.
Fraud via MetaMask
Another effective way to cheat is to use the browser-based version of the MetaMask crypto wallet .
For example, a fake person asks the user to share their screen, then directs the victim to the wallet section designed to connect MetaMask to various devices. By doing this, the attacker can set up a crypto wallet on his own device, gaining full access to the client’s funds.
Due to the frequent occurrence of such attacks on users, MetaMask temporarily disables this feature. But the fraudsters still managed to find their victims. So, in late August, Jeff Nicholas, creative director of Authentic AI , mentioned on Twitter that hackers had removed most of his NFT collection. He searched for the OpenSea support channel in Discord, but came across a fake. Unknown people have asked him to share his screen to make it easier to “support” to help him with the problem. They also offered to synchronize the MetaMask browser wallet with the smartphone app and asked to open the relevant tab in its settings. The wallet generates a QR code, after which a synchronization message appears. But in reality, the attackers scanned the code and withdrew all the assets from the hacked digital wallet.
Fake links to create NFT
Many opportunities arise for hackers during the initial sale of non-interchangeable tokens (IPOs) or during the creation of new ones. The process of issuing NFT is not complicated, but if the user is careless or attracted by some unverified advertising, then he may make a mistake.
For example, undercover individuals post fake links in chats and channels to sites where it is claimed that a non-interchangeable coin will be created. By clicking on them, users synchronize their wallets with the fraud site and lose all their tokens.
Experienced investor and analyst at Messari Research Chase Devans fell into this trap in late August last year. In an attempt to release his own NFT, he followed a link that copied one of his chats to Discord. When he tried to create tokens on the fictional site, he lost $ 15,000 in cryptocurrency SOL and all his non-interchangeable coins. In comments below Devans’ Twitter post, investor @cryptolyfer said he had also been the victim of a similar scam, but had lost $ 250,000 in the same currency.
In order not to fall into the list of victims of this trick, we should not follow links from chats and channels, as well as respond to unknown persons in private messages. It is also better not to store all non-interchangeabletokens in one wallet, but to create a new one before each mining.
Copies of original NFT
Fraudsters also create copies of original NFTs and sell them as genuine . Technically this is not difficult, in fact they are just a record in the blockchain that a digital file belongs to a specific address. Copies differ from the originals only in address and in that one has interfered with the real author of the image or coins, while the other has not. The fake face can copy the original GIF or JPEG image, create a new token and transmit it as the original.
Even in the big markets there is still no strict inspection of the sellers of this type of crypto assets – everyone can upload a file and create their own based on it. The accounts of crooks trading on behalf of famous artists are quickly blocked, but by this time they can already sell a few false non-interchangeable coins.
The NFT market is growing rapidly – and the number of fraudsters in it is also growing. But, fortunately, we can protect ourselves from most intruders by following basic security rules.
The main thing to remember is that when buying such coins, we must independently and carefully check their originality – the fact that the token is placed on a large platform does not guarantee its authenticity.