Non-Fungible Tokens or NFTs are witnessing steady growth from the beginning of 2021. While NFTs took six months to reach $2.47 billion, a single NFT platform recently made $1 billion in 7 days. However, but hacks and scams have accompanied this massive influx of liquidity in the market.
In 2021, DeFi frauds resulted in losses worth $474 million, including $113 million in ‘Rug Pulls’ and $361 million in scam coins. Despite the success, NFT scams have contributed significantly to the total funds lost in DeFi hacks. For instance, a counterfeit Banksy NFT was sold for $300,000, while someone hacked into Beeple’s ‘Everyday,’ as well. In light of these incidents, it is essential to understand and avoid various NFT scams.
I know we’re all excited because this new industry is seemingly making a lot of people rich by flipping NFTs But to make money, you need to know how to protect it too. Thus, in this article, we will describe four types of NFT scams and how to avoid them.
1. The Rug Pull
In this popular NFT scam, the developers of an NFT project abandon it midway and disappear with the investor’s money. Rug pulls are common in the DeFi sector as malicious developers take advantage of trustless and permissionless platforms.
NFT project developers create hype on social media channels like Twitter and Telegram to execute a rug pull. Besides speaking highly about the coin’s potential and promise, they inject some liquidity to give a false sense of success. Sometimes, the prices of these coins rise 50x in just one day. Unwary investors join in flocks, succumbing to their fear of missing out on high returns.
Unnecessary hype and sudden spike in coin prices are indications of a conducive rug pull situation. Therefore, you need to keep a close watch on the liquidity pool and check if they have a lock on the token’s liquidity. Long-term projects always lock their pooled liquidity for a fixed period to prevent rug pulls.
2. Fake Website/Wallet
Another big NFT scam is the sudden mushrooming of online replica stores and fake NFT websites. These websites look similar to the original ones with minor, often undetectable changes. However, once you log in with your credentials, the hackers begin their work. They can tap into your phone, get access to your credit cards, and extract all your money.
On 5th September 2021, for instance, an NFT enthusiast lost around 5 NFTs when hackers gained access to this Metamask wallet. Suspicious domain registrations have grown by 300% this year indicating the rise of fake website scams. Replica NFT websites often use domain names containing ‘nft crypto’ or ‘nft trade’ — behind stunning websites, hackers wait to carry out typosquatting attacks.
Fake NFT stores are also a viable gateway for hackers to carry out NFT scams. These websites often don’t use the correct logo and sell NFTs that do not even exist on the blockchain. In such cases, hackers take advantage of the NFT craze and user’s negligence to sell these fake NFTs. Thus, you should always double-check the domain name for any spelling or typing errors. Also, look at the website carefully before you enter your details. In short, perform due diligence.
3. Unverified Projects On Social Media Platforms or Opensea
Fake websites aren’t the only way NFT scams happen. Sometimes they occur through fake groups impersonating the original brand on social media. At other times, counterfeit NFTs are hosted on an artist’s website, like what happened with Banksy. Usually, hackers create dubious domain names like ‘banksynft.com’ and forward them to designated fake social media groups.
Hackers often target social media channels like Twitter and Telegram to defraud crypto users. They set up new groups claiming to be the official community or support group. The hackers then send dubious domain names and spread the word about free NFT airdrops in such groups. Beware! As soon as you click on these links and give your information, they will hack your crypto wallet, draining the funds.
One way or another, you can do your part to stay safe. Big platforms with a large number of followers will have a blue tick beside their page. Newer projects might not have the blue checkmark, but you can always do a rigorous Google search to find out.
The blue checkmark isn’t only important on social media. Popular NFT trading marketplace Opensea also uses the blue checkmark to let its users know the project is verified. If it doesn’t have the blue checkmark, it’s probably a fake NFT series that tried to trick you into buying a non-original. This screenshot shows the blue checkmark for the Bored Apes Yacht Club:
While the next screenshot shows different series of Apes without the blue checkmark:
Other than the checkmark, you can usually spot a fake series due to low volume, items and a few holders. While the original series will have volume, items and holders in the thousands.
4. Re-minting Burned NFTs
Another prevalent form of NFT scam is minting already burned NFTs. The Al Cabone NFT drop faced this problem, and they had to issue a warning on their Discord channel. Unfortunately, the smart contract had a flaw that allowed people to mint an NFT even after burning. Thus, the hackers dumped the re-minted duplicate NFTs while claiming the real ones. Over 4000 NFTs got re-minted and sold on the secondary market again.
To conclude, one thing is the most evident from the preceding discussion. You should always keep a close check on the NFT project’s official social media channels for the latest security updates.