As it happens with all technologies, when a new product comes to the marketplace, a section of people grows who wants to purchase it, and another section of people manifests who wants to scam others with it. NFTs are no different than that. As this technology is gaining momentum and more and more people are rallying up to purchase digital collectibles, there is also an increase in potential scammers who phish people’s money through various means.
Since the customer base of digital assets and collectibles is growing by numbers every day, a lot of the NFT communities, even some popular ones, are becoming prone to phishing attacks. Therefore, the line is blurred between who is an authentic seller in the crypto marketplace and who is a bad actor, stealing people’s prized possessions. As the NFTs are still in their Initial Coin Offering (ICO) stage, the algorithmic framework that it was built on is still vulnerable and is naked to any sophisticated attack from outside. Therefore, if you are new to this digital space and want to own a tokenized digital asset, below is a list of the most common red flags that scammers use to steal your NFT money.
Scammers often disguise themselves as legitimate NFT traders and would send you emails containing embedded links to a fake NFT marketplace. Many new and amateur owners fall for this trick when they see offers like this, which are inherently fake. Upon clicking on the link, it will take you to a made-up marketplace for a classic phishing attack and will ask you to link your digital wallet to their platform. If you mistakenly end up submitting your seed phrase there, the bad actors will be able to hack into your wallet and drain your assets.
Therefore, it is usually advisable to check the sender’s address and verify the email from any legitimate NFT trading platform before making a move.
If you are new to NFT trading, the first thing that you have to search for is a trustworthy trading platform. Because there are many phishing marketplaces that will record down your credentials if you buy from one of them. And if you mistakenly provide them with your private key or 12-word security seed phrase, they might end up draining your assets. These same tactics are used even in crypto gambling such as scamming in LTC casinos. Therefore, be it crypto casinos or trading NFTs, you always need to verify the legitimacy of the trading marketplace so that you don’t get your wallets hacked.
Many scammers invite people in their made-up giveaway campaigns where they promise people to give free NFTs if they sign up on their platforms – which is a phishing site. Once they make you link your digital wallet to their website to receive the prize, they can see what you type, including your passwords and seed phrases. It is a simple trick to hack into your wallet and steal all of your assets and NFTs. Therefore, it is advisable to verify beforehand the email link and site domain from an existing list of trustworthy websites before making any move.
Another common scamming trick is to send you warnings and alerts about your NFT purchases. When you get an alert and write on a forum for help, scammers disguised as legitimate technical support inboxes you saying that they can help. They will usually ask you to share your screen to see what’s going on and might take screenshots of your QR linking your wallet or your seed phrases. Sometimes, they will ask you to log in to a provided link for further technical assistance but the link is a set-up site to steal your assets. So, beware of the people who claim to be from tech support and always verify the domain before making any decision.
An old-school scamming trick is the kick off of a starter project (games, NFTs) and draws investors to invest in it. When they reach a million or more, they pull the plug on it and run away with the money. Usually, it is done quickly without making people notice but there are also cases where the project is abandoned slowly with fewer update releases and slowly moving away with the money. Therefore, the rule of thumb is to check beforehand whether the project has a long-term plan behind it or not, to ensure a legitimate investing opportunity. If you are really unsure, there’re a lot of guides for investing for beginners that you can take help from.
A classic trick is when a group buys out a large number of NFTs to trick the market into believing that it is trending. When they get enough attention and increase the demands for it, they dump the NFTs at a price they are comfortable with. Due to this, the highest bidders are usually left with assets that are low in value. Therefore, it is required to check the transaction history before making any purchases. A scheme of this sort usually has a large number of purchases in a short period of time.
Any digital file can be turned into an NFT but that doesn’t add any value to its intellectual property. A lot of con artists create replicates of the original artwork and convert them into NFTs to sell in the marketplace. So if you mistakenly end up buying a counterfeit NFT, there’s no way to get your money back once the community points out that the art piece is nothing but a fake replica. Therefore, you should always check for the original artist through their social media and bookmark them if necessary. The original creators usually have a verified tick in their profile.
The most common red flags in purchasing NFTs also have the most common solutions. The first one is to not click blindly without checking the site domain. DYOR (Do Your Own Research) before making a purchase. If necessary, ask for professionals. Be vigilant when it comes to punching your digital wallet or seed phrases in a new platform. It is common advice to always check the contact address to see where the NFT was minted originally. If you are unsure, feel free to contact the creator through their social media to verify the legitimacy of the trading artwork or assets.
When it comes to digital wallets, always make sure you use legitimate wallet apps and not phishing ones. So it is advisable to download the wallet directly from the official site to avoid any malicious impersonating ones.