A record $4 billion was sold in global NFT sales in January.
Confusion about space scams erupted at the same time, like the stench of a burst trash bag: Google searches for “NFT scam” reached an all-time high the week of January 1. Rolling Stone asked experts for advice on how to avoid costly blunders in the midst of hordes of people buying in — some more tech-savvy than others.
Georgio Constantinou, who discovers, builds, and produces crypto projects”:
, says that “as more money flows into the metaverse, so do bad actors hoping to extract value at the expense of everyday crypto users.” People need to be cautious in a decentralised ecosystem because cryptocurrency scams are becoming increasingly sophisticated. Scams come in a variety of forms, and it’s critical to be aware of them in order to stay safe.
STORIES IN CONNECTION
- ‘Hey Jude’ Notes by Paul McCartney Sold for More than $76,000.
- Instagram has banned @NFT’s account, and the Blue Check Mark is cursed.
- Turn off direct messages on Discord.
The Trojan War is said to have begun when the goddess Eris threw a golden fruit known as “the apple of discord” into a gathering of revellers who were feasting. Even on the decentralised online network of Discord servers, a link that looks like the real thing can be just as alluring as a bogus one.
One of the most common NFT scams involves hacking into a victim’s Discord account.
An administrator-level Discord server is breached, and the fake minting link is posted in the announcements channel. “Due to high demand, we are releasing 1,000 more NFTs,” says Constantinou, who says the message usually appears to come from a project organiser and offers a deal that seems too good to be true. Hackers are often drawn to collections that are already out of stock, because they have the power to stoke demand. A surprise minting of additional NFTs won’t be done once the collection has sold out, according to him.
For the most part:
Constantinou points out, the project’s primary website is the only place where “sketchy URLs” will not be allowed to mint coins. Constantinou also recommends disabling Discord’s direct-messaging feature. Discord hacks are a great opportunity for scammers to get in touch with members of the community, according to RAC, a longtime crypto enthusiast, musician and co-founder of Six, a Web3 consultancy firm. “They’ll immediately get like five DMs from scammers,” he says. According to Constantinou, “Project teams will never DM you first.” For the most part, it’s best practise to assume that everyone you meet is dishonest.
Be cautious with the use of your personal identification number (PIN).
In order to create an NFT, a bogus Discord link will likely ask for Ethereum (ETH) tokens, but the perpetrator will run off with the money if they also ask for a seed phrase, which is a secret string of words used to gain access to a crypto wallet. It’s possible that some people will rush to mint the fake collection and lose more than just their ETH, says Constantinou. “In many cases, they will also lose tokens and NFTs,” he adds. “Your private key should never be in the hands of anyone else,” says RAC. What a monster.” People are being defrauded of their hard-earned money.
Discord is not the only place where phishing can occur.
You wouldn’t give your social security number to just any old emailer, says RAC of the NFT space right now. Hardware wallets, USB-sized, tangible devices that can be plugged into a computer, are recommended by Constantinou, and he recommends the brands Ledger and Trezor. If you don’t use a browser, a hardware wallet saves you from having to type in your seed phrases. The saying goes, “It’ll keep you safe from yourself.” Whenever possible, he also advocates for the use of two-factor authentication, as well as the use of lengthy passwords. (He recommends using 1Password to store your passwords.)
In spite of the fact that Constantinou hasn’t been a victim of identity theft:
he’s heard horror stories about scammers posing as representatives of well-known NFT marketplaces like OpenSea and Metamask. The “representatives” told their victims they had been randomly selected to receive a surprise airdrop of virtual goods, directed their victims to a fake login page, and asked them to sign in, he says, in some of these cases He advises people to only download and interact with wallet extensions from the official websites of the companies that make them. “Triple check the reviews” if you’re using an app. If you’re just browsing, take a close look at that URL.
Be wary of airdrops:
Additionally, airdrops may have malicious code embedded in them. Tokens are regularly airdropped into RAC’s online wallet, which he says is a perk of being a prominent figure in the space. In order to get you to visit his website, he says the token’s name is a URL. It is their intention for you to believe that you received these free tokens because you were a good customer. Go ahead and put them up for sale on this website for me.’ Because everything is programmable, these tokens cannot be sold. When you’re forced to give them access to your money, they’re able to steal your money.” At any time, anyone can send tokens to anyone else. The owner of the wallet, like the owner of an email inbox, does not have to approve or accept a transaction. He advises that the best course of action is to ignore it. Then, ”
That’s my job.”
Airdropped tokens, on the other hand, can actually be used as smoke and mirrors. For example, a project may airdrop tokens into the wallet of an influencer to make it appear as though the influencer has invested in the project, implying that the influencer supports it.
Watch out for rugs
It’s become a major issue when collections are half-baked or faked. It’s called a “rugpull” in the NFT community if a person or group of people raises millions of dollars for an initial set of basic NFTs and then runs off with the money before the promised steps can be taken. It’s unlikely that the creators will be held responsible for the financial losses of sheeple if all they promise is an NFT that can later be used to unlock additional benefits. When a project has a well-thought-out online hub, Constantinou gets behind it wholeheartedly. According to the author, “If a project appears to have been launched in just one day, and its website is unusable, there’s always a risk that it is merely an attempt to raise money.”
If a malicious smart contract is attached to a Ferrari:
the experience of paying for the vehicle and receiving Hot Wheels is made even worse. When this occurs, Constantinou recommends visiting a website called revoke.cash, which is a tool that allows wallet owners to see which websites have permission to interact with their wallets and revoke those permissions. It’s important to note that revoke.cash cannot return lost money, but it can prevent the same thing from happening in the future—and if you realise that you’ve fallen for a scam quickly enough, you may be able to stop the hacker before they’ve had a chance to carry out that part of their plan.
Do not hesitate to ask questions of anyone or anything.
Since she debuted her first NFT series last year and has since turned collector, visual artist Ragzy says she always looks for a “fully doxxed team” before she gets involved in any project, which is one that is composed of well-respected people and has publicly identified them.
” She claims that “no one knows who to hold accountable” for the actions of uncoordinated teams.
“A lot” of rug-pullers are naming themselves after Ragzy’s second TikTok, which he uses to teach Web3 beginners about NFTs. That raises a red flag for her. When it comes to hypothetical cat collections, she offers the following: If Lead Cat 1 and Blue Cat 2 had no connection to each other, it would be like Lead Cat 1 and Blue Cat 2. Ragzy pushes crypto’s golden rule of doing the research. She says, “Take a look at their backgrounds.” “How well-known are they in this field? Was there a new project that was a success? Who is the creative force behind this work? Take a look at the work of art. Is it a good translation?” This sentiment is echoed by Constantinou. It’s not safe to put your faith in me. It’s important that you double-check,” he insists. “Take your time and make sure you’ve checked everything three times.”
Even if a well-known person is listed as a team member on a project’s website:
this does not imply that they are affiliated with the project. In other words, she approaches everything with scepticism. “Who are the people investing in this project and do they want to see it survive longterm—or are they going to dump their NFTs
Additionally, Ragzy points out that if there is no clear value to the project:
social media numbers don’t mean a whole lot. If the common goal is to buy the NFT and flip it, “that’s not really a community,” she explains. “Communities come together for a common purpose,” she continues. Of course, celebrity endorsements and social media followings can be purchased. Many celebrities are being asked to promote NFTs and other cryptocurrencies, and they’ll have no idea what they’re talking about. They’re not to blame. They’re treating it as if it were a paid advertisement. To me, it makes no difference that they’re endorsing it as though they’re involved in the project. The fact that a celebrity endorses or creates a project does not guarantee that it will succeed.”