The FBI has issued a warning about criminals impersonating legitimate NFT developers to defraud users within the NFT community. These malicious actors either hijack the social media accounts of genuine NFT developers or create accounts that closely resemble them. They then promote fake NFT releases, often instilling a sense of urgency by using terms like “limited supply” or referring to the promotion as a “surprise” or an unannounced mint.
The Phishing Scheme
The links in these deceptive posts lead to phishing sites that mimic legitimate NFT project websites. Unsuspecting victims are prompted to connect their cryptocurrency wallets and buy the advertised NFT. In doing so, they inadvertently link their wallets to a malicious smart contract, which drains their cryptocurrency and transfers their NFTs to wallets controlled by the criminals. The stolen assets are typically laundered through cryptocurrency mixers and exchanges to hide their origin.
Tips to Protect Yourself
The FBI provides some important tips to help individuals protect themselves from falling victim to these scams:
Research Surprise Opportunities
If a renowned NFT project announces an unexpected NFT opportunity, verify if the developer has previously offered such surprises or if they’ve stated they won’t do surprise mints. Criminals often exploit the urgency victims feel during surprise announcements. Always double-check official channels for any announcements and cross-verify them with the NFT developer’s genuine social media accounts or websites.
Verify Social Media Accounts
Ensure the social media account promoting the NFT is the official account of the developer and not a counterfeit. Look for discrepancies in spelling, account history, followers, or creation date. Criminals may create accounts that closely resemble the genuine ones, but careful scrutiny can help identify potential fakes.
Check Website Authenticity
Before connecting your cryptocurrency wallet to a website, ensure it’s genuine and not a clone. Signs of a fake site include misspelled domain names, unusual URL characters, or non-functional links. Always verify the website’s authenticity directly from the NFT developer’s official website or official social media channels.
Be Skeptical of Too-Good-To-Be-True Offers
Exercise caution with offers that seem overly generous or unbelievable. If an NFT promotion promises unrealistic returns or extremely rare NFTs at unusually low prices, it’s likely a scam.
The FBI encourages victims of such scams to report any fraudulent or suspicious activities to the FBI Internet Crime Complaint Center at www.ic3.gov. Include any relevant links, social media accounts, crypto accounts, or domains used in the scam, and use the keyword “NFTHack”.
As NFTs gain popularity, scammers are finding new ways to exploit users’ excitement and trust in the blockchain technology. Staying vigilant and following these tips can help individuals protect themselves from falling victim to NFT fraud and ensure a safer NFT ecosystem.