With numerous NFT scams on Web3, we must educate ourselves on the most common types of traps out there and how to avoid NFT Scams.
While the first recorded NFT called ‘Quantum’ was minted by Kevin McCoy in May 2014, it was not till 2017 that NFTs went mainstream and exploded onto the world stage during the height of the COVID-19 pandemic in 2021.
NFTs are unique digital tokens that can be transacted on blockchains. Because it is non-fungible, each NFT in a specific collection is different from the other, some with traits that are rarer than others. This gives NFTs an element of rarity and scarcity, which crypto tokens don’t have.
With over $40 billion spent on NFTs in 2021 according to Bloomberg, it is not surprising that this loosely regulated billion-dollar industry is attracting scammers like a kettle of vultures. Countless small and large-scale NFT scams have taken place since then, with one of the more infamous rug pull scams happening in early January 2022 known as ‘Frosties’ that cost investors nearly $1.3 million worth of Ethereum.
What are the ways to avoid NFT scams?
Every time we choose to interact with a smart contract, we are putting our crypto wallets at some risk, it is just how big that risk is.
Hackers can create a fake website promising a free airdrop or free mint only to have a smart contract that will “set approval for all” when users connect their wallets to the dapp. This grants the hacker unlimited access to the users’ wallets to siphone their crypto and NFTs out to another wallet.
The way to avoid smart contract hacks is to use a ‘burner wallet,’ a hot wallet that contains minimal funds, perhaps around 0.3 ETH, and no NFTs inside. This burner wallet will be used on a regular basis for interacting with decentralized apps and smart contracts such as minting or buying degen NFTs. If that burner wallet gets compromised, the most you will lose is the ETH inside that wallet.
While it might be a burner wallet, we would still recommend getting yourself a crypto wallet with high-security features. Just because you are willing to lose that wallet does not mean you should compromise on its safety.
Discord is the central gathering place for NFT communities; this is where like-minded enthusiasts and people interested in specific NFT projects gather to discuss, learn more, and receive updates on an NFT project.
It is also where wolves lurk, waiting to prey upon people who cannot resist an offer that is too good to be true. Scammers rely on social engineering that takes advantage of people’s human nature.
They send you a DM telling you that your crypto wallet has been compromised or that there is a free mint selling out fast. You then innocently click on a link that sends you to a website requesting for your seed phrase to ‘recover your account’.
One simple trick preventing you from falling prey to social engineering in Discord servers is to turn off your DMs (Direct Messages) on all Discord servers.
NFT project team members and moderators will never DM you about project updates. All these will be done in the proper announcement channels within the Discord server.
These scammers use your emotions against you by inciting FUD (Fear, Uncertainty, Doubt) or FOMO (Fear of Missing Out).
If you have been in the NFT space for some time, you might have had occasions when you were on your Opensea account admiring your lovely NFTs, and you suddenly noticed an unexpected ‘new’ NFT in your collection.
Wow, you had a free airdrop! That’s great, you should sell it and earn some free cash, right? Wrong! If you decided to sell that suspicious NFT, you would have triggered a malicious smart contract to send all your wallet’s assets to a hacker.
It is a possibility that this sudden unexpected NFT could be a genuine free airdrop, especially if you are holding some expensive blue chip NFTs. Furthermore, we can’t monitor the Discord servers all the time, and we might have missed out on an announcement for an airdrop.
Therefore, when you receive a sudden unexpected NFT in your account, check the name of this ‘new’ NFT if it corresponds with any of the Discord servers you are in. If it does, check the announcements in that Discord server or ask any of the mods if there had been a free airdrop. If they confirm that the airdrop is from them, you can go ahead to sell it or even use it as your Twitter PFP! Otherwise, just hide the scammy NFT from your profile so that you don’t accidentally interact with it!
The only time you will ever need to use your seed phrase or private keys is when you are importing your existing wallet into a new device or new browser.
Other than that, if you received warning messages, tweets, or emails that your wallet has been compromised and needs to be recovered by entering your seed phrase into a website, that is a red flag for a phishing website.
Even if the website looks exactly like the official wallet website, just know that the developers of the wallet will never ask for your seed phrase (unless you are importing your wallet into a new device).
There are multiple ways to make money online, and trading NFTs is just one of them. With Web3 and NFTs still in their infancy, it does not have stringent regulations yet. You can either profit very quickly or lose all your assets in an instant.
As with everything else in life, if something looks too good to be true, it usually is. With numerous NFT scams out there, stay away from promises that will make you a lot of money quickly or threats that your account has been affected. Always stay vigilant and invest safely!