NFT Scams: How They’re Hurting The Market

Scams are increasingly prevalent in the dynamic NFT market. Notably in 2023, even savvy investor Kevin Rose was duped, losing more than $1 million in blue-chip NFTs. 

As of now, over $26 million worth of NFTs have been stolen. While NFTs have legitimate applications across digital art, gaming, real estate, and more, the growing number of scam occurrences casts a shadow over the industry’s reputation.

Whether you’re trading, investing, or just dipping your toes in the NFT market—you must understand how NFT scams work and how to protect your assets.

Follow @hackenclub on 𝕏 (Twitter)

Common NFT Scams

NFT Rug Pull

In a rug pull scam, the team behind an NFT project drains its liquidity and disappears with the funds. They present their collection as a worthwhile investment, often adding a backdoor in smart contracts or asset management systems to facilitate the theft. 

Pixelmon—a combat-based NFT game—remains one of the most phenomenal rugs in NFT. Starting at a 3 ETH floor price, the founders raised about $70 million, after which they abandoned the project and stole the funds.

Sometimes, the rug perpetrator utilizes their influence. A rapper Soulja Boy rugged his audience three times in a row for a total of 69 ETH.

Soulja Boy. Source: NFT Evening

Fake NFTs

Counterfeiting is a prevalent issue within the NFT market: plagiarized works, fake collections, and spam. Much like counterfeit art, fake NFTs are worthless. While major marketplaces combat this with detection systems, the responsibility is still on the investor to verify the token’s authenticity and its creator’s legitimacy.

In February 2023, Mason Rothschild plagiarized the outlook of a French fashion bag named Hermès and made about 200 ETH.

Pump-And-Dump Schemes

In a pump-and-dump scheme, bad actors artificially increase the price. They pour liquidity into an NFT collection, simulating strong demand. Outsiders may view the rising prices as a sign of a good buy, only to be left with devalued NFTs when the demand dries up.

An artist, Ryder Ripps, has profited over $5 million after dumping numerous NFTs on unfortunate collectors.

Pump-and-dump has become so rampant in the NFT space that a project named Parrot adopted the scheme as its utility, encouraging collectors to join the pump and make money.

Gotta love a good Pyramid Scheme that’s at least explicit about it. pic.twitter.com/Q9VtYNlhKe

— NFTstatistics.eth (@punk9059) September 11, 2022

Phishing Scams

Scammers manipulate people into clicking malicious links that are designed to hijack control of the user’s account or wallet. These links can be sent through various channels such as Discord, Twitter, and Telegram or embedded in random ads.

Malicious links can even come from official channels. Memeland by 9GAG, Proof/Moonbirds, and other popular NFT marketplaces were targeted by a sophisticated phishing attack in May 2022. The attacker had compromised a widely-used Discord bot, Mee6, enabling them to post messages on public channels, giving the impression of authenticity. The attacker used the bot to distribute phishing links disguised as an “Official Mint Site”. Victims who approved the transaction unknowingly transferred their NFTs to the scammer’s wallet. 

Both novices and OGs can get phished. Even NFT God, a famous NFT influencer on Twitter, admitted losing “a life-changing amount of their net worth” by downloading malware software from an ODS-sponsored link.

Last night my entire digital livelihood was violated.

Every account connected to me both personally and professionally was hacked and used to hurt others.

Less importantly, I lost a life changing amount of my net worth

— NFT God (@NFT_GOD) January 15, 2023

NFT Marketplace Hijacking

Scammers frequently replicate prominent NFT marketplaces like OpenSea and Rarible to sell fake NFTs. Additionally, these websites mimic wallet connection services, granting bad actors access to victims’ assets.

A serial NFT scammer called Elliot has stolen over $5 million using this method.

Malicious Airdrop

In a malicious airdrop or giveaway, scammers promise free NFTs. They solicit wallet details from applicants, then use this information to compromise the wallets. These scams often proliferate on Twitter and other major social media platforms.

In March 2023, scammers used airdrops as clickbait to siphon over $300k from the BLUR NFT marketplace users.

Address Poisoning 

Address poisoning is a less-known scam where fraudsters send a $0 transaction to your wallet from an address similar to yours. The aim is to trick those who copy-paste wallet addresses from their transaction history into inadvertently sending NFTs to the wrong, “poisoned” address.

Scammers recently poisoned the address of an Arbitrum user and stole over $1.3 million.

Follow @hackenclub on 𝕏 (Twitter)

What Is The Impact Of NFT Scams On The Market?

In terms of numbers, it’s estimated that cryptocurrency users have lost over $26 million to NFT-related scams since mid-2021, according to ZenGo Wallet NFT Hack Detector.

ZenGo Wallet NFT Hack Detector. Source: Dune

The effects of NFT scams reach far beyond individual victims, creating ripples that spread throughout the entire market. These impacts come in several forms and influence both the public perception and economic health of the NFT industry.

Bad reputation. The first impact of this is bad PR for the NFT space. Many would-be investors and traders stepped back because they wouldn’t want to be victims of the next rugs or counterfeit NFT collectibles. As a result of the bad PR, it is hard for utility-driven projects—worth all the support and investments—to gain the people’s trust.

Lower sales. Secondly, the total year-in-year value of the NFT industry is dropping. Looking at the data, NFT sales dropped by 83% between 2022 and May 2023. This is unsurprising because scammers stole over $20 million of NFTs in 2022 alone.

NFT scams hit North America and Australia the most. The largest share of proceeds from NFT scams come from the U.S., Canada, and Australia. It’s no surprise since NFT is the most popular DeFi category among North American users.

Source: Chainalysis

Many are novices in the crypto realm and potentially more susceptible to being tricked, which explains the higher incidence of scam-related revenues from these regions.

Communal demand for audits. The NFT community is becoming more security-conscious before aping into any project. The community often demands a quality audit of the codebase to rest assured that there are no possible backdoors for rugs. Besides that, the audits also increase their confidence that threat actors have lesser chances of exploiting the smart contracts.

How To Avoid NFT Scams

Navigating the dynamic world of NFTs can be exciting, but it also requires constant vigilance. As scams become increasingly sophisticated, it’s crucial to equip yourself with the knowledge and tools needed to protect your digital assets. Below are some key strategies you can employ to avoid falling victim to NFT scams.

1. Use Burner Wallets: Burner wallets have no assets and are used only for receiving airdrops. This limits the potential loss from scams.
2. Verify Websites: Always confirm the correct website before interacting with an NFT marketplace. Be aware of deceptive sites that mimic popular ones.
3. Research Projects: Investigate every project you invest in, considering the team’s track record and the authenticity of the NFTs.
4. Use MFA: Two-Factor Authentication to make your wallet more secure.
5. Beware Of Links: Be cautious with links from unknown sources, especially on platforms like Twitter or Discord.
6. Trustworthy Software Sources: Install software only from secure and trusted sources to prevent malware.
7. Use VPNs: VPNs encrypt browsing data, offering anonymity and greater security online.
8. Review Transactions: Don’t sign off on transactions without thoroughly understanding their details.
9. Use Hardware Wallets: Consider cold storage for large crypto assets, as they’re harder to hack.
10. Guard Your Keys: Never share your private keys or sensitive data, even if requested during an airdrop campaign.
11. DYOR: More NFT degens now adopt the Do Your Research ethos as they now research to detect if a project is a pump-and-dump scheme, fake, or a rug.

Follow @hackenclub on 𝕏 (Twitter)

Wrapping Up

NFTs have immense potential to revolutionize digital ownership, but this burgeoning space has become a hunting ground for scams. As we navigate this exciting world, it’s crucial to stay vigilant, practice due diligence, and prioritize security. Despite the challenges, the promise of a decentralized market where artists and creators can monetize their work is a worthy pursuit. As a community, we can work together to ensure that the potential of NFTs is not undermined by the actions of a few bad actors.

FAQ