Unfortunately, the NFT boom has also given rise to many NFT scams. Since NFTs are gaining traction and reaching a wider audience, they are becoming increasingly tempting for cybercriminals —especially considering the significant amount of money being poured into the industry.
Let’s deep-dive into the most common scams involving NFTs and explore some tips to avoid them like a pro.
How Do NFT Scams Work?
NFT scams take many shapes and forms. Some fraudsters employ sneaky methods to get their hands on your wallet info and drain it before you even know it. Others prefer going the extra mile, so they set up fake marketplaces or sell counterfeit NFTs.
Other famous scams involve creating fake —but very real-looking— projects, getting people hyped up, taking all their money, and just disappearing from the face of the Earth.
As in real life, there are many ways to scam people in the NFT space. So, it’s always wise to be careful and diligent.
Types of NFT Scams
Let’s go over some of the most common NFT scams:
1) Plagiarized NFTs
Fraudsters with little knowledge of technology can easily take any online asset that is not theirs (like a picture or a song) and sell it on NFT marketplaces.
This has become a significant issue for digital artists: NFTTheft, a collective of artists highlighting fraudulent listings, claims that scammers have listed hundreds of thousands of pieces of art without their knowledge on OpenSea and other NFT marketplaces. Recently, OpenSea reported that over 80% of NFTs minted using its minting tool were plagiarized works, fake collections, and spam.
Some marketplaces have started implementing measures to face counterfeiting, plagiarism, and copyright infringement. Rarible, for instance, has implemented a human-moderated verification system that encourages sellers to link their social media accounts. The goal is to cut down on NFTs from non-verified sellers.
For buyers, it’s a bit more difficult to verify whether an NFT they like is authentic or not. However, you can always start by researching the creator on social media and see whether they have their work listed on a specific marketplace. You can also do a reverse Google image search to see if the NFT has an original owner and check whether the seller is verified on your preferred marketplace.
2) Phishing NFT Scams
NFTs are controlled by a private key (a secret alphanumeric string that is similar to a password and is used in cryptography). Regardless of whether NFT holders keep their keys or trust a marketplace to keep them, attackers can steal their funds if they manage to get their hands on this crucial information.
In general, hackers use phishing techniques to trick people into giving away their private keys. The most common one involves sending out fake links through email or popular social media platforms like Twitter and Discord. Then, once the user clicks the link and enters their details, scammers use keylogging or spyware to access their account.
Earlier this year, OpenSea suffered a $1.7 million phishing attack. The popular NFT marketplace had asked users to update their contact details, but scammers were quick to copy the platform’s email and sent users links to fraudulent websites.
3) Pump-and-Dump Scams
A pump-and-dump NFT scam involves artificially inflating the price of a token by spreading misleading or fake information.
So, essentially, they promote and build up hype around a token to get the community excited about it, usually through social media and celebrity endorsements. By doing so, sales go up, and so does the token price. And when that happens, they “dump” (that is, massively sell) the NFT and disappear without a trace. This causes the price to drop dramatically, leaving investors with a worthless asset.
SafeMoon, for instance, is a good example of a pump-and-dump scheme involving some A-list celebrities. The current lawsuit claims SafeMoon misled investors to purchase tokens promising unrealistic profits.
To steer as clear as possible from this type of scam, it’s essential to do your own research before investing in an NFT. Remember: celebrities and influencers are not NFT experts.
4) Rug Pulls
A rug pull is a scam where fraudsters hype an NFT through social media, lead people to buy tokens, and pull out after receiving significant funds from investors. They essentially build trust and buzz around their NFT, wait for funds to pour in, and then shut down the entire project and vanish with the money.
The Frosties NFT is a classic example of a rug pull. It involved a professional-looking project operated by two young developers who promised many perks and benefits. However, after investors poured in over $1.3 million, they shut down the project website and social media, disappearing without a trace. They have recently been arrested and charged by US law enforcement.
5) Fake NFT Airdrops and Giveaways
Many NFT projects have leveraged airdrops and giveaways as marketing tools. They can help boost awareness and generate hype around a given project, so they have become quite popular in the ecosystem.
But sometimes, scammers use these mechanisms to their advantage. An airdrop or giveaway scam involves creating a fake but convincing website and asking people to sign up in exchange for a free NFT. Once a persona signs ups, they’ll receive a link requiring them to enter their wallet details to get the token. The scammers will then use that information to access the person’s wallet and drain it.
Earlier this year, scammers accessed a holder’s wallet via this scheme and stole a Bored Ape Yacht Club NFT worth 102 ETH, a Mutant Ape Yacht Club NFT worth 23.4 ETH, and other tokens, totaling over half a million dollars in losses at that time.
Scammers often impersonate popular NFT accounts on different platforms through fake pages that are very similar to the originals. They convince users of their legitimacy and then use that platform to sell fake NFTs or ask them for their wallet details.
Sometimes, scammers impersonate customer support agents from renowned NFT marketplaces and reach out to users saying there’s an issue with their account and that they need to provide their wallet details.
To avoid impersonation scams, it’s essential to pay close attention to the accounts you engage with and ensure they are verified or have at least a big following. Also, double-check email addresses whenever you get a sketchy email asking for too much information, and maybe even reach out to customer support before making any moves.
Tips to Keep Your NFTs Safe
Now that you know the most common NFT scams, let’s explore how to avoid them. Here are some actionable steps you can take to protect your NFTs from greedy scammers:
- Store your NFTs in a non-custodial wallet. By storing your NFTs and digital assets in a non-custodial wallet, you're in charge of your private keys. This offers your greater security and protects you from phishing attacks.
- Keep your private keys private. This might seem obvious, but don’t share your private keys with anyone —not even with someone famous or seemingly reputable in the community.
- Buy and sell your NFTs on trustworthy marketplaces. Make sure you trade only on established NFT marketplaces with a strong reputation in the community.
- Make informed decisions. Before purchasing a new NFT, read the project’s white paper and roadmap, visit its social media and check reviews and testimonials online. That way, you can avoid buying a counterfeit token or from a fake marketplace.
- Be careful what you install on your devices. Cybercriminals often use fake browser extensions or spyware to get their hands on your private keys, so try to avoid downloading unverified programs on your devices.
We’re not here to tell you just one side of the story. The truth is that there are many NFT scams out there, and the industry should start taking action to prevent them. In the meantime, it’s up to holders to look out for them.
Owning NFTs certainly involves risks. But if you take the appropriate measures and are careful with your private data, your holdings will most likely be safe from scammers.
Do you want to know more about NFTs and how to keep them safe? Explore our blog posts!
Also, join us on LinkedIn and Instagram to get more NFT insights and be part of our community.