At the beginning of 2022, Rolling Stone said, “NFT scams are everywhere.” The best thing to do is “assume everyone is a scammer until proven otherwise,” the magazine said.
Verified Market Reports said in mid-July that the global market for NFTs had reached almost $11.32 billion and was on track to reach over $232 billion by 2030. When that much money changes hands, you can be sure that Bad Actors will try to steal as much of it as they can.
In fact, Rolling Stone was late to the party. Since the beginning of the blockchain industry, people who work in the industry have warned NFT traders about how common digital fraud is.
If you play with NFTs or are thinking about doing so, these are the most common scams you need to be aware of.
The Rug Pull NFT Scams is the new name for the old “Pump and Dump” stock scam.
The rug-pull scam, one of the other NFT Scams, also called “pump and dump” on the stock market, is a trap in which crypto developers mislead early investors about the potential of a new NFT project. This type of fraud has been around for a long time. When the price of NFT reaches a certain cap, the developers take all the money out of the ecosystem and leave.
Rug pulls sometimes use social media influencers to get people to fall for their scams. In January, CNBC reported that investors had filed a class-action lawsuit against Floyd Mayweather and Kim Kardashian, accusing them of artificially inflating the price of a cryptocurrency called EthereumMax has nothing to do with Ethereum and leaving investors with worthless cryptocurrency.
NFT Now says that regulators look at NFT projects the same way they look at real estate, stocks, and other investments. Just like on Wall Street, it is illegal in the digital world to ask for money for an investment project and then drop it without giving back the money.
Chainalysis says that rug-pull scams are bad for the industry because they steal $2.8 billion worth of crypto and will make up 37% of all crypto scam revenue in 2021, which is a big jump from 2020 when they only made up 1%.
Look carefully at any NFT airdrops you get.
On September 21, 2021, a Twitter user with the handle @babbler dabbler posted that thieves had broken into his digital wallet and stolen “The Currency” by Damien Hirst, an NFT that was worth more than $41,000 at the time.
Blockcast says that @babbler dabbler was a victim of an airdrop scam. Airdrop scams started in the DeFi field and are now common in the NFTs world.
In this type of scam, users get tokens in their wallets that they have never heard of and didn’t ask for. These tokens often end in.io.
There’s nothing about this that seems suspicious. CoinTelegraph says that unsolicited airdrops are an important part of marketing and promoting NFTs and that legitimate producers use them all the time for good reasons.
In airdrop scams, on the other hand, users are sent to a third-party site when they try to get their NFTs or trade them in for crypto. There, they are forced to go through a series of security/password recovery phrases before they can get their prize. At that point, the people who were robbed didn’t mean to give the hackers access to their wallets.
Don’t forget Phishing NFT Scams.
Phishing has been around for more than 25 years. On January 2, 1996, the Usenet newsgroup AOHell was the first to use the word “phishing.” It was always linked to email, but scammers have updated the old trick for the blockchain age.
In November 2021, Check Point Research released a report about phishing scams that stole almost $500,000 from the wallets of people who were tricked by fake search engine ads that looked like they led to real sites.
Just like with email phishing, NFT scammers often pretend to be the biggest and most trusted companies in the field, like Phantom and MetaMask. When people click on an ad, the link takes them to a fake site that looks like real sites where they would go to download digital wallets like Metamask or change currencies on platforms like Uniswap or PancakeSwap.
Once on the fake site, victims are asked to enter their private wallet keys or 12-word security seed phrases, which is a big red flag that should always make you suspicious. This makes it possible for digital theft to happen.
April Fool’s Day: They’ve Hacked the Discord Bots
Like many other similar platforms, the social messaging site Discord uses helpful computer programs called bots to do things like welcome new users, ban people who cause trouble and keep discussions on track.
In April, NFT Now reported that hackers had taken over the Discord servers for popular NFT communities like Nyoki Club, Bored Ape Yacht Club, and others. April Fool’s Day was the right day for the attack.
The hackers took over the bots of the communities and used them to trick people into clicking on malicious links that led to new NFTs with unique rewards. But the NFTs didn’t exist, and the posts linked to phishing sites where people paid for tokens didn’t exist. In some cases, people paid tens of thousands of dollars for tokens that didn’t exist.
