To sign up for our daily email newsletter, CLICK HERE
Non-fungible tokens (NFTs) are digital assets on the blockchain. There are many types of NFTs; they can be art, music, photography, images, memes, or virtual fashion and are registered on the blockchain to guarantee payments to their rightful owners through royalties.
The NFT industry has snowballed over the past couple of years, going from $82.5 million in value in 2020 to a whopping $17 billion in 2021, and is forecasted to increase to over $80 billion by the end of 2025. However, as the NFT industry grows, so does the number of NFT scams.
In 2021 alone, cybercriminals in the crypto space stole $14 billion through various NFT scams. With such high prices of NFTs and significant investments on the line, one has to make sure to avoid them. The first step is understanding what they are and how each NFT scam works.
In this article, we will first explain what NFTs are and go through all common NFT scams prevalent in the industry, after which we will bring some real-life examples of the largest NFT scams the sector has experienced. After which, we will break down some measures to take to avoid getting scammed.
Let’s dive right in!
What are NFTs?
NFT stands for a non-fungible token, a piece of digital art registered on the blockchain. However, it’s not just art; there are many types of NFTs, and several other things can be made into digital tokens, such as music, videos, images, photography, or even a tweet.
NFTs can be resold in the secondary market, just like traditional art. What creates value in NFTs is their uniqueness, quality of the art, utility, and community behind them. But of course, the significance behind an NFT project is also affected by the general market sentiment and marketing, which is why NFTs have been such easy prey for scammers.
What is an NFT scam?
Two of the most common NFT scams are rug pulls – where project creators hype the NFT project and lure people into buying fake or low-value NFTsm, and phishing attacks – where malicious hackers gain access to crypto wallets and steal the NFTs or crypto funds. But there are several other ways criminals scam investors, and new patterns emerge daily.
Enthusiasts frequently want to find ways to discover NFT projects early to profit from buying and selling NFTs; however, it comes with a high level of risks. It is a common misconception that NFTs are protected against being replaced and that they can prove ownership: NFTs can convey ownership, but the person doesn’t actually host, own, or store the digital file itself, nor do they have the copyright or usage rights of the asset, which is why NFTs are susceptible to cyber-attacks and are easy to scam.
Types of NFT scams
Let’s explain this in a bit more detail: instead of owning the digital file, people have paid for the right to have their wallet address linked to that NFT file, but if someone steals it through a phishing attack, the one who stole the assets will appear as the rightful owner of that NFT on the blockchain. Blockchain cannot distinguish or prove if it was stolen, making NFTs especially vulnerable and susceptible to NFT scams.
Below, we’ll go through the six most prevalent NFT scams at the moment, so you can be careful next time not to fall for any suspicious deals. Remember, most of the time, and when it seems too good to be true, it is too good to be true.
1. Rug pull NFT scam
Rug pulls are one of the most common NFT scams – it is where NFT collection project founders or developers hype up the collection to make it seem like an actual legitimate project and get investors to purchase the art or invest in the project development. After receiving the funds, however, the developers drop the project and flee with investors’ money, making the NFTs worthless.
Rug pull NFT scam examples:
Rug pulls, and investor scams are widespread due to the anonymity in the Web3 and NFT space. Scammers can use this to their advantage. These scams can also be large-scale and seem entirely authentic, so a prior background check is essential.
On one occasion, a creator known as the “Evil Ape” disappeared one week after the launch of the collection “Evolved Apes.” This much-hyped project got a lot of attention and collected $2.7 million in investments. People behind the project disappeared with the 798 ETH, which was meant for project-related marketing expenses, and deleted the official Twitter account and its website.
Another example of a rug pull is when the creators of an NFT project called “Balloonsville,” a collection on Solana blockchain sold on an NFT platform Magic Eden, vanished with 5,000 SOL of investors’ funds – almost $600k at the time. Since the platform has put more stringent regulations in place, all creators are doxxed to prevent rug pulls.
In another rug pull scheme, the US government charged the two men – Ethan Nguyen and Andre Llacuna, for fraud and money laundering. They were involved in an NFT rug pull scam that defrauded investors from nearly $1.1 million. By selling NFTs in a project called “Frosties,” the pair transferred the funds to different crypto wallets and shut down the project, disappearing with the investments.
2. NFT phishing scam
NFT phishing scam is like any other phishing attack, where cybercriminals gain access to other people’s possessions by illegally obtaining their security details. With these stolen passwords, hackers gain access to their crypto wallets or exchange accounts and steal their funds and NFTs.
It can happen in various ways. For example, hackers may pretend to be customer support staff to access people’s personal information and private key or post fake adverts with links asking people to give their 12 or 24-word security phrases.
NFT phishing scam examples:
Among a row of several NFT phishing scams, on one occasion, cybercriminals stole NFTs valued at $2.2 million at the time from an art collector Todd Kramer. Another incident just shortly after involved a phishing attack where NFTs valued at an estimate of $1.7 million got stolen on the world’s leading NFT platform OpenSea.
One of the most recent large phishing attacks involved the owners of artwork from the most prominent and well-known Bored Ape Yacht Club (BAYC) and Mutant Ape Yacht Club (MAYC) NFT collections. Hackers gained access to BAYC’s official Instagram and Discord accounts and shared fraudulent links. Estimated values lost were reported by various sources to be between $3 – $13 million – the final number is not yet confirmed.
3. Counterfeit NFTs scam
Fashion, medications, household products, video games, electronics, and art – all are susceptible to being counterfeited, and the same applies to NFTs. OpenSea, the largest NFT marketplace, reported in 2021 that over 80% of NFTs on the platform are fake or copies of stolen – registering art on the blockchain cannot guarantee its authenticity.
It is essential to know that a minting process of an artwork doesn’t make it intellectual property. As many users are unaware of this fact, it is easy for scammers to trick buyers into thinking they are guaranteed to buy a unique asset. Criminals sell stolen or copied artwork on NFT platforms, bought by unsuspecting users, and after the purchase, these NFTs become valueless.
Counterfeit NFTs scam examples:
One example discussed in the media is when an online auction site Nifty Gateway tweeted a link to a video, “House of Marcial,” which showed a space full of the world-famous artist Ai Weiwei’s sculptures. However, none of these were approved in any way by the artist.
There have been several cases where copied artwork from digital art platform DeviantArt was discovered being sold on the NFT platform OpenSea. For example, artwork copies of a well-known artist Qing Han were discovered on the platform, and Aja Trier, an artist from Texas, United States, found their artwork listed on OpenSea as NFTs, sold for around $10 per piece.
4. NFT pump-and-dump scheme
Pump-and-dump schemes have been a problem for other more mature assets like stocks. However, they are now also prevalent as one of the main types of NFT scams. These kinds of schemes are growing due to the newness and popularity of NFTs.
NFT pump-and-dump scheme is where a group of holders of a low-value or non-existent value digital asset encourages others to buy into them to grow its value, artificially driving up the price. There are two types: first is where a group promotes low-value NFTs by “talking up” their value through social media communities on Discord or Telegram.
The second type is where insiders drive up the value while selling them slowly for a profit in the background. Unsuspecting investors buy into the low-value NFTs. After which, the group of insiders that promoted them artificially would sell these NFTs with a profit, making the values plummet and leaving investors out of pocket.
Example of a NFT pump-and-dump scheme:
A comparable example from the cryptocurrency world is a class action lawsuit against celebrity influencers Kim Kardashian and boxer Floyd Mayweather. They were incentivized to promote a coin called EthereumMax, which was, in reality, entirely unrelated to the Ethereum blockchain. After promoting and marketing it, its creators dumped the coin, after which it plummeted in value – a pump-and-dump scheme.
Even though there have been fewer instances known to the public or discussed in the media with NFTs, several smaller-scale scams go around in the background in Discord and Telegram communities. So-called “NFT promoters” get users from third-world countries to follow the project through giveaways. After getting a ton of followers, they promote the NFT project through influencers and celebrities, after which they dump the projects and take off with the money from people who thought they were investing in good NFT projects.
How to avoid NFT scams?
After a rug pull project, Balloonsville, which was listed and sold on an NFT platform Magic Eden, the platform launched a new verification system that verifies all of its sellers – all are doxxed before listing them to avoid such scams in the future. Ethereum also announced their new token standard, ERC-721R, which would allow those minting NFT to get a full refund within 30 days of purchase. And to tackle counterfeit NFTs, a company called MarqVision is working on an AI-powered IP protection service to protect the artists.
Could these be the solution to stop or at least reduce NFT scams?
Even though NFT platforms like OpenSea and Magic Eden and individual companies are scrambling to develop a bullet-proof solution to stop NFT scams in all forms, it is rather challenging to weed out malicious players completely.
These solutions are still in the testing phases, and it might take a while for a single solution to be fully effective. Either way, it is always crucial to DYOR – Do Your Own Research, and take the steps below to avoid falling for NFT scams.
- Research, research, research;
- If you are buying into a risky project, use a burner wallet to protect your funds;
- Check the founder’s profiles;
- Check their social media accounts and whether they are active;
- Check news & media if there have been any publications writing about the project;
- Make sure founders are doxxed; anonymous founders tend to be a red flat for illegal activity;
- If the person is public, still check their profile and make sure exactly what their background is, what they’ve done before. Remember, the fact the person has a name doesn’t necessarily mean they are honest about their project;
- Look up their personal information, their LinkedIn profile, for example, to understand who is developing the NFT project;
- Check if/what is the utility of the project, whether they have added value;
- Celebrity promotions tend to be a red flag;
- Check community discussions and if they seem real;
- If you are selling your NFT on a secondary market, then make sure you are buying it in the correct currency;
- Check Reddit and Twitter to see if there have been any previous warnings, comments, complaints about the project or its developers;
- Before buying, make sure to buy from a verified account; they usually have a blue tick after their account name;
- Make sure the artwork is good, unique, and original (not a copy).
- Research, research, research.
Do your due diligence before investing in NFT projects. It is hard enough to value NFTs due to their vague pricing, as we saw from Twitter founder Jack Dorsey’s first tweet dropping from an astonishing $2.9 million in value to the highest bid currently at a mere $6,800. With so many NFT projects ending up a scam, finding a good (and real) project becomes harder. So, do your research, avoid opportunities that are too good to be true, never click on a suspicious link, and never share your personal security information with anyone.