Non Fungible Tokens (NFTs) are the most notable in blockchain innovation. The NFT craze may have cooled, as sales of art-related NFTs fell from $2.9 billion in 2021 to $1.2 billion in 2023, a 51% drop.
Despite this decline, the market remains significantly larger than in 2020, when sales were only $20 million. This led to a surge in NFT scams, and thus a record breaking google search for “NFT scams” during the first week of January 2022.
What is NFT?
NFTs are unique digital assets verified through blockchain technology. Each NFT represents ownership of a specific digital item, such as art or video.
The image above shows that Beeple’s “Everydays: The First 5000 days” is an NFT that consists of a collage of 5000 digital images created by Mike Winkelmann over 13 years, auctioned for $69 million dollars. This NFT is stored on the Ethereum blockchain, which verifies its authenticity and ownership.
Only the NFT owner has exclusive rights to this unique digital asset, even though anyone can view the artwork online. Unlike crypto, which are interchangeable or fungible, each NFT is one-of-a-kind and cannot be exchanged on a one-to-one basis, thus making it non-fungible.
NFTs are widely recognized for their tamper-proof properties and secure ownership verification. However, despite these strengths, fake NFTs do exist. Some individuals have found ways to outsmart the blockchain system by fraudulently claiming ownership of assets they did not create or own.
Here are the key properties of NFTs:
- Verifiability: NFT ownership and metadata can be publicly verified.
- Transparency: Activities like minting, selling, and purchasing are visible.
- Availability: The NFT system operates continuously, keeping tokens available for trade.
- Tamper-resistance: Metadata and trading records are securely stored and immutable.
- Usability: Ownership information is current and user-friendly.
- Atomicity: Transactions are completed consistently in one process.
- Tradability: NFTs and related products can be freely traded and exchanged
Fraud in NFT
So as we learned about the remarkable rise in NFTs, it is time for us to understand why the NFT market is garnering so much attention from fraudsters. Despite efforts to avoid scams, the increase in crypto and NFT fraud is closely linked to the market’s expansion.
With each new development, scammers unleash their more creative side in finding ways to exploit the system. So, what are the most common types of NFT fraud, and how can you protect yourself? Let’s explore the answers and learn some general, easy ways to spot an NFT scam!
NFT scams and Frauds Types
-
Phishing Scams
This is the most common type of scam, where an imposter sends an email that looks like it is from OpenSea or any other reputable platform, asking users to verify their wallet details. The email contains a link directing to a fake website that looks legitimate, just like the real OpenSea Platform.
This active form of phishing lures users to enter their seed phrase, or private key on the fake site. The scammer successfully gains access to their wallet, stealing NFTs and funds. Below are images of what the email looks like.
The dangerous technique called homograph phishing is used to resemble the original domain. It is hard to spot that this website is not the original one.
Upon looking closely and squinting your eyes, you can see they only change 1 letter, and voila, you realize that it’s the problematic ‘ê’.
Now that you are aware of what this type of scam looks like, it might involve impersonation, and bogus emails, keep that in mind—we’ll explain how to spot and avoid it, later in the article.
-
Rug Pulls
The NFT project “ Evolved Apes” was promoted heavily on social media, promising a fighting game and attractive rewards. After raising over $2.7 million, the anonymous creator disappeared, abandoning the project and taking funds with them. Investors were left with NFTs that had no values and no prospects of game being developed. Recently, they have been sentenced to 40 years in prison for committing such fraud.
This is what rug pull scheme is, developers create and hype an NFT project to attract investors, then abruptly abandon it after collecting the funds. This leaves investors with worthless tokens and no recourse, as the project vanishes overnight.
-
Counterfeit NFTs
Counterfeit NFTS are digital replicas that mimic authentic assets but lack genuine authorization or ownership. Mason Rothschild created and sold digital versions of Hermes famous Birkin bags as NFTs, calling them “MetaBirkins”, without Hermes’ consent. These NFTs were priced at $24,000 each and sold on the OpenSea platform.
The fake version of these MetaBirkins also surfaced, deceiving buyers into purchasing counterfeit NFTs. Hermes sued Rothschild for trademark infringement and rightfully criticized the NFT system for not preventing these fakes.
Rothschild claimed to be a victim too, as counterfeiters earned a profit of $35,000 by selling fake versions of his NFTs. Because blockchain transactions are complex, buyers of these fakes might not get refunds.
-
Pump and dump schemes
As the name suggests, pump is to hype it up and dump means crashing the token’s value. Every pump and dump scheme follows a simple motif, according to Adam Carlton, CEO of Pink Panda.
Scammers create a token, hype it up on social media with memes and tweet promotions, and list it on platforms like CoinGecko or CoinMarketCap to attract a wider audience. As more people invest, they may use influencers or ads on buses and billboards to boost visibility.
Eventually, they try to get the token listed on major exchanges like Coinbase or Binance, targeting a large audience for maximum profit before selling off and crashing the token’s value.
-
Airdrop Scams
This tactic plays with people’s emotions because who does not get excited hearing “free giveaways”. This involves sending unsolicited NFTs or tokens under the guise of free giveaway. When recipients interact with the airdropped asset, they may inadvertently give scammers access to their wallets or expose themselves to phishing attacks.
It is like a dark web of scams. A scam within another scam, playing with the psyche of people to manipulate and lure them.
-
Wash Trading
NFT wash trading is a deceptive tactic where traders artificially increase an NFT’s value by repeatedly buying and selling it between accounts they control. This creates the illusion of high demand, misleading potential buyers about its true value.
In late 2023, wash trading made up over 40% of transactions on NFT marketplace Blur, according to data from DeFiLlama. This sharply contrasts with competitor OpenSea, where only 0.5% of trades were identified as suspicious during the same period.
This tactic is illegal in traditional financial markets but can be harder to detect in decentralized platforms where anonymity is common.
How to Prevent NFT scams?
While we have learnt the most common NFT scams and frauds, let’s see how these can be prevented by implementing some practical steps.
-
Verify authenticity of projects
Verification is the most important aspect to save your NFTs. Always check for a project’s legitimacy by reviewing its website, social media presence, and community discussions. Look for real-world partnerships, audits, or reviews.
If in doubt about impersonation, try to match the domain by finding the original website.
One easy way to figure out a fake website is to check inconsistencies in UI or frontend.
Fake or fraudulent websites often have poor design elements, such as, mismatched fonts, colors, and layout, broken or non-functional links, low-quality images, spelling or grammatical errors
-
Use Reputable Marketplaces
Stick to well-known NFT platforms like OpenSea, Rarible, and Foundation, where security measures are in place to minimize scams.
Don’t just give into the hype. Investigate the project’s team and their history in the NFT space. Avoid anonymous or unverifiable teams.
-
Beware of pump and dump schemes
A common telltale of a pump-and-dump scheme involves groups of social media posters with similar usernames, sharing copy-pasted messages. Once the scheme ends, they vanish, maintaining their anonymity.
However, some fraudsters now reveal their identities (“doxxing”), conduct large fundraising rounds, and never fully inject that money into the project. They might raise millions but keep most of it, relying on investors’ short-term focus on quick returns. These schemes often target communities in digital asset spaces like Discord.
-
Avoid Suspicious Links and Unverified Emails
Be cautious of phishing scams through emails or social media DMs. Always access marketplaces and wallets directly from official websites. See below how an email header in a phishing email could look like.
A small yet valuable tip to spot fake emails and identify the real sender is to check the email header. Email headers contain hidden information about the email’s origin and path it took to reach your inbox. By examining the header, you can reveal the actual source of the email, which may differ from what is displayed in the visible “From” field.
-
Safeguard Wallet Credentials (Avoid Sharing Private Keys)
Never share your private keys or seed phrases. Keep them stored offline and secure to prevent unauthorized access.
-
Enable Two-Factor Authentication (2FA)
Set up 2FA on all platforms that support it, adding an extra layer of security for your accounts.
-
Beware of promotion tweets
Tweets, like these as shown below, are mostly hoax and these accounts are mostly spam or bots, posting every second.
Example of a promotion tweet shared by an NFT promoter account advertising a sweepstake competition for a period of one day. Users who retweet this tweet and follow
the tagged NFT project have a chance to win 1.45 J (million) worth of a cryptocurrency token worth $100
Artificially boosting engagement metrics for NFT collections may create a misleading impression of their popularity, which could entice inexperienced buyers into investing. The lesson here? Be wary of exaggerated claims and inflated engagement numbers.
Conclusion
Keeping yourself aware of security updates is important. We at BlockApex aim for maintaining the highest standards of security through research, and best audit practices. Reach out to us today!
