Phishing is an especially popular method for hackers to steal user-key information for cryptocurrency wallets. This type of scam can take all the tokens including ERC-721 or NFTs from your wallet. Through fake emails, links via paid Google ads, links sent through social media scammers can take all your funds. Once you enter your account details on their fake page, the scammers have everything they need to log in to your real account and steal your funds.
In OpenSea the primary currency to buy and sell NFTs is through ETH or wETH1, which is usually used for auctions. Scammers will often use the *stablecoin *USDC, which is pegged at one US dollar 1 USDC = 1 USD to place offers in auctions, effectively low-balling the competition by far. You might think who would fall for such an easy-to-spot scam? Well, they hope those novice users will accept these ridiculous offers by mistake. Their username would often be changed to ‘wETH’, ‘Weth’, ‘WEth’, 'WETH', or a similar version. Their profile picture on OpenSea will also be changed to the wETH logo to further the legitimacy of the scam. Novice users sometimes mistake the username and profile picture with the actual currency, rushing to accept the offer. For example, instead of getting 10 ETH, they get 10 USDC due to being blinded by that fleeting moment of greed.
When there is a successful project, there will always be a fake project that follows along by creating the same exact tokens (NFTs). They name themselves similarly to the real collection as well as the exact same descriptions. Usually, they are selling the NFT below market price or below the mint price. It’s true that when it’s too good to be true it probably is. You should use extra due diligence when purchasing NFTs, if in any doubt ask the official Discord servers of each project and use the link on their site. Buying into these fake collections are in no way the team or project’s own faults, I’ve seen people caught in the scam and blame the team for everything. NGMI.
On the right you can see a fake BAYC with a checkmark vs real BAYC collection. Please don’t fall for something like this.
The *.scr file scam happens when people, usually an ‘artist’ or the artist’s ‘clients’ DMs you offering something and providing a 'link' to relevant project files. By clicking the link, it allows scammers to access your Metamask wallets and drain token balances. Be extremely wary of any sort of links sent to you even by a ‘friend’. Very simple not falling for this scam, just be careful about opening any links send through any messages on any platforms.
Opsec refers to operation security, mainly focusing on your passwords and account details. This is first and foremost, the best way of avoiding your funds being taken away from you by somebody else through scams. This will eliminate 90% of all scams that currently exist in the NFT space. Have strong passwords managed properly with a password manager app and not Chrome. Enable 2FA (2 Factor Authentification) every time you can and do not keep seed phrases on your PC. Write them down somewhere on paper with multiple copies. You don’t want to be this guy:
Now that we have gone over some ways scammers can part you from your money, there are newer scams and exploits being discovered every week! The best way that you can be safe from scams is to be aware of the different kinds in the NFT space.
While you are looking around why not check out our Youtube Channel NFT Caviar for some free content? Make sure to subscribe and to be notified for each video upload! You can also follow me on Twitter @HuhaoNFT for updates in the NFT metaverse.
Oh yeah. We like NFTs.