Non-fungible tokens (NFTs) took a significant place in the cryptocurrency ecosystem, especially after 2020. NFT markets, in which gaming companies, celebrities and many investment firms showed interest, started growing day by day, reaching millions of dollars in transaction volume. There are dozens of movies about the theft of famous works of art, and maybe years later we’ll still watch movies about how NFTs were stolen.
This article looks at our picks of the five most popular ways hackers steal NFTs from their owners and walk away with millions.
One of the most common methods used by hackers, phishing is based on duplicating a legitimately operated website/marketplace. Unfortunately, users who overlook a small change or addition to a website’s URL can incur significant losses.
Check the URL of a service/marketplace/website before allowing a website to connect your Web3 wallet like MetaMask, Phantom, Terra Station Wallet, etc.
As a secondary security measure, the authenticity of the NFT and the seller’s transaction history should be questioned. If an NFT is significantly below the market price, this should be a red flag and raise your suspicions.
#2 Discord Scam
Discord is a platform that many NFT and crypto-related teams use heavily. It is used for many purposes, e.g. B. for important information, audio meetings and review processes. But the larger a community is, the more scammers it attracts.
The Mint addresses of NFT projects are generally shared on Discord channels. Scamming is done by hacking the channel directly or sending fake messages to users via DMs.
Do not click on links posted by outsiders. On the main pages it is necessary to check the messages sent by the admins before clicking. Admins of real projects don’t private message anyone out of the blue. Always be careful when dealing with users on Discord due to the anonymity of the platform and the internet.
#3 Copycat NFTs
Some scammers examine the wallets of influencers and celebrities in detail; They shape similar NFTs to what’s in influencers’ pockets.
Therefore, since people want to follow these wallets and make similar investments, the originality of NFTs should be strictly checked before buying them.
Copycat NFTs became such a problem that services and metaverse crypto projects like Verasity even decided to implement a proof-of-view protocol that can authenticate NFT collections to prevent victims from falling for this type of scam .
#4 Fake Social Media Accounts
It is a common scam to misspell the social media names of popular influencers by adding a letter, symbol, or number to the end of actual project profiles and usernames.
These fake accounts usually get in touch via private message and make an offer. To avoid falling into this trap, check the account’s followers, posting history, and account content.
Twitter is the most popular social medium used for the attack as most of the NFT promotions and influencers reside on the platform. Investors should exercise caution when dealing with Twitter users, even if they are verified with hundreds of thousands of followers.
You may also be interested in the following article:
Do you use MetaMask on Apple devices? Turn off your backup
#5 Stolen Social Media Accounts
Like the Discord scam, stealing social media accounts of popular influencers through social engineering is a popular tactic used by scammers to trick followers into connecting their wallets to malicious websites and is a gateway to multiple phishing -Attacks.
Hackers who steal the project’s official account or a famous NFT artist send potential victims a clickable link. They usually try to cheat with free mint, airdrop or gifts.
One of the most popular NFT heists using the above method recently was the Bored Ape Yacht Club. Hackers managed to gain access to the project’s official Instagram account and create a phishing airdrop that netted about $1 million in stolen NFTs.
Remember the following rules to protect your NFTs
- Prefer hardware wallets over software wallets.
- Consider any private message sent to you as a potential scam and verify the account.
- Do not share your private key, seed phrase and/or passwords with anyone.
- Use strong passwords and consider alternative authentication options.
- Don’t forget: the only free cheese is in the mousetrap.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any service.
Terra 2.0 (LUNA) price down 58% this week, Emergency Allocation Prop 446 launched
Follow us on Twitter @thevrsoldier to keep up to date with the latest Metaverse news!
Image source: grandeduc/123RF