In the digital age, the landscape of cybersecurity threats is evolving at a breathtaking pace. One area that has seen a surge in illicit activity is the world of NFTs (Non-Fungible Tokens). As these digital assets gain popularity and command high prices in the cryptocurrency market, they have unfortunately become attractive targets for cybercriminals. In this article, we will delve into the realm of phishing, malware, and most importantly, NFT scams.
Being aware of these scams is the first step to protection. It is always crucial to verify NFTs before purchase, check the seller’s history and social media profiles, and exercise caution when asked to enter.
Common Online Threats in 2023
Two of the most prevalent online threats today continue to be phishing and malware attacks. Phishing is a type of cyber threat where attackers impersonate legitimate organizations to trick people into providing sensitive information. In 2022, 67.7% of end users clicked on the link in the phishing email, and 90% of data breaches were the result of phishing attacks. Additionally, 96% of phishing attacks were delivered via email, and over $500 million in losses per year resulted from phishing and business email compromises.
Malware, or malicious software, is another major threat, with 5.4 billion attacks recorded in 2022. These attacks can target specific entities or individuals and often lead to data breaches and leaks of confidential information. The US sees the most malware attacks annually, nine times more than the UK, which is second on the list. It’s also worth noting that 40% of these attacks result in confidential data leakage.
The Evolution of Online Threats
Phishing and malware attacks have evolved and grown more sophisticated over the years. The age group that fell most for phishing emails in 2022 was 18-24. The top goal of phishing attacks was credential theft, making up 51.8% of all attacks in 2021. Interestingly, 50% of people who fell for a phishing email said it was because they were tired or distracted. Security firm Slashnext estimated that there would be 255 million phishing attacks in 2022.
Types of NFT Scams
NFTs or non-fungible tokens have emerged as a new frontier in the digital world. However, they have also brought about unique types of threats. Some of the common NFT-related scams include plagiarized NFTs, NFT giveaways (also known as airdrop scams), investor scams, and customer support impersonation.
- Plagiarized NFTs: These are unauthorized copies of another artist’s work sold as original NFTs. A recent report from OpenSea suggested that over 80% of NFTs minted using its tool were fake, causing significant devaluation when their true nature was revealed.
- NFT Giveaways or Airdrop Scams: Fraudsters ask you to promote an NFT and sign up on their website in exchange for a free NFT. They send a link asking you to enter your wallet details to receive the prize, which they then use to access your NFT collection.
- Investor Scams: Fraudsters create seemingly legitimate NFT projects and tout them as worthwhile investments. After accumulating enough investor funds, they vanish. A notable example is the Evil Ape investor scam, where the anonymous NFT creator disappeared with 798 Ether (ETH) worth over $2.7 million.
- Customer Support Impersonation: A type of phishing scam where fraudsters pose as customer support agents for an NFT marketplace. They contact you with an issue regarding your account and then send a link to a fake NFT marketplace that requires you to enter your private wallet keys.
How to Avoid an NFT Scam?
Avoiding scams, especially in the rapidly evolving world of NFTs and cryptocurrencies, requires vigilance, education, and a healthy dose of skepticism. Here are some tips to help you avoid falling victim to scams:
- Research Thoroughly: Before investing in any NFT or cryptocurrency, make sure you fully understand what you are investing in. Research the NFT, the creator, and the platform where it’s being sold.
- Check the Authenticity: Make sure the NFT you’re interested in is authentic and not a copy of someone else’s work. Check the provenance record on the blockchain to verify the original creator.
- Secure Your Wallet: Use a secure digital wallet, and never share your private keys with anyone. Be wary of anyone asking for your private keys or password information.
- Beware of “Too Good to Be True” Offers: If a deal or investment opportunity seems too good to be true, it probably is. Be wary of promises of high returns with low risk.
- Avoid Unfamiliar Links: Don’t click on links from sources you don’t trust. Phishing scams often involve directing victims to fake websites where their information can be stolen.
- Be Skeptical of Unsolicited Offers: Be wary of unsolicited offers, especially those that pressure you to act quickly or promise unusually high returns.
- Use Trusted Platforms: Buy and sell NFTs on well-known, reputable platforms. Be wary of new platforms with little or no track record.
- Verify the Identity of Sellers: Make sure you’re dealing with the actual owner of the NFT before making a purchase. Scammers may impersonate legitimate sellers.
- Engage with the Community: The NFT and crypto communities can be valuable resources. Engage with these communities to stay informed about potential scams and learn from the experiences of others.
- Consider Using a Cold Wallet: A cold wallet, which is not connected to the internet, provides additional security for your crypto assets.
As technology evolves, so do the cyber threats that come with it. The rise of NFTs has introduced new types of scams, but traditional threats like phishing and malware attacks remain prevalent. It’s essential to stay informed about these threats and exercise caution when dealing with unfamiliar emails, websites, or online transactions.
Featured image by regularguy.eth on Unsplash
