NFT Scams: What Are They, And How Do They Work?

NFT scams are scary. The best way to protect yourself? Knowing what to watch out for. This guide covers several common NFT scams people have fallen for.
Scams - 1500 x 750.png

Non-fungible tokens (NFTs) have caught on like wildfire this past year. And NFT scams have trailed close behind. Does this mean that NFTs themselves are scams? Nope. That's like saying art is a scam because someone made a forgery of the Mona Lisa. 

Sure, NFT scams have proliferated. But that's because where value accrues quickly, so do the vultures. And in a new and rapidly maturing industry like ours, is the presence of scams really that surprising? 

This article doesn't dive into the question of whether NFTs themselves are a scam. (They're not.) Now that we've got that out of the way, let's take a look at some actual scams that occur in the crypto space, and how you can protect yourself as a collector and investor.   

Most common types of NFT scams

Most NFT scams are actually scams that first appeared in the real world in some form. The scammers then moved over to crypto, and now, to NFTs. So, we can think of NFT scams as simply a continuation of the various types of scams we've seen in the past.  

Discord

Direct messages (DMs) on Discord servers are notorious for scams. (The same applies to Telegram and Twitter.) Say you join the official channel or group of one of your favorite NFT projects. Every once in a while, you can be sure to receive an invite from some "admin" of the highly coveted NFT project. He can't wait to tell you about that special NFT whitelist spot you won. ("Just click on this link to mint your NFT!"). 

Don’t do it. No matter how shiny that button may look. No matter how much drool you’ve got to wipe off your chin. That’s the button that should read, “Click here to say goodbye to all your assets.”

Image credit: Ella Don  |  Unsplash 

If you haven't tuned your settings properly, do so right away. Disable your DMs to protect yourself from these web3 opportunists. Real quick, this is how you do it. 

  1. Go into your user settings. 
  2. Under the “User Settings” tab on your left-hand sidebar, click on “Privacy & Safety”. 
  3. Under “Server Privacy Defaults”, make sure to uncheck “Allow direct messages from server members.” You’re all set!
     

Image credit: Valerio Puggioni  |  HODL Content

And assume everyone is out to scam you and steal every digital asset you own, unless proven otherwise. FYI: They're out to get your private keys (i.e., your seed phrase and password to your crypto wallet) as well. So make sure that your private keys stay private, as the name suggests.  

Rug Pulls

Ah. The staple of NFT project scams. Have you ever heard the adage, "Underpromise and Overdeliver"? Here, it's "Overpromise and don't deliver." 

Let's go with a made-up example. Say a friend tells you about this amazing crypto game, "Salmon Wars", with 100X potential, but you have to buy in now. It isn't a fully functioning game yet, but the limited character NFTs go on sale every 2 weeks. The roadmap looks solid, with promises of land sales coming soon.

And the white paper? Oh, it sells you on all sorts of magical promises! You get to be one of the many Salmon warriors with varying characteristics. Legendary. Rare. Unique. Muscular crustaceans. Sexy sea urchins practicing voodoo. There's PVE and PVP. You have Profession quests too. 

If all this sounds familiar, that's because GameFi = many elements of traditional RPG + DeFi elements. And if this is all that the roadmap's got to offer, you’ve got to ask yourself a question. What's so special about this game compared to all the other NFT games about sea creatures going to war?  

Whatever your assessment, consider this: Rug pulls go to zero. So make sure to DYOR.  

Airdrops

Do you like gifts and free stuff? Us too. If you’ve ever opened your wallet, and to your surprise, you found six figures worth of tokens you’ve never heard of before, no one could blame you for thinking you were the beneficiary of an amazing airdrop... but for what, exactly?

Run a quick Google search of the tokens. You just might find news about investors who attempted to cash out these tokens, and would quickly find all their funds drained from their crypto wallet. So a word of caution: Fake giveaways work for a reason, but the real giveaway is taking place with your assets. 

So when you do see these “amazing” tokens in your wallet, the best thing you can do is hide them. If you can’t hide them, don’t interact with them. There are also plenty of platforms and protocols that do allow you to hide scam tokens, so if you don’t have this option, consider moving to a place where you do. 

Tech Support

This scam is common on Reddit and Discord. Post a question on a crypto subreddit, and within minutes, you’ll receive messages from "Solana technical support". (Replace with any other chain or wallet or protocol. The result is the same.) 

Image credit: Tima Miroshnichenko |  Pexels

This type of scam involves scammers impersonating a helpful authority figure. They offer to assist you with your issue, and somewhere along the line, you’ll unwittingly share your seed phrase.  

Suspicious links

Clicking on suspicious links is related to what's known as a phishing scam. These links are usually found in emails but can also be sent through Discord. (That's how one Opensea user had his wallet drained of his Bored Ape!) 

Scammers can also send you this type of message on social media. Alternatively, these links can be found on websites that are a carbon copy of the original. The intent is to fool visitors into connecting their wallet, so that the scammers can drain their funds. (Not SAFU.) (By the way, we’re coming out with a glossary of NFT terms soon, but this crypto slang term originated when Binance was allegedly hacked, and CEO Changpeng Zhao reassured everyone with the typoed tweet, “Funds are safu”. The rest is history.) 

Imposters

One day, on a day like any other, a popular NFT marketplace on Ethereum listed the works of Serbian artist Milos Rajkovic for auction⁠—but there was one problem. They had no connection whatsoever to his works being auctioned off. In fact, Rajkovic had never even created an NFT before. In case you were wondering, the NFTs have been delisted. 

Fake Influencer Promotions

This type of promotion isn't a straight-up scam, but it is unethical at best. In fact, quite a few celebs like Kim Kardashian and Floyd "Money" Mayweather are getting sued. The allegation is that they were promoting NFT scams on their social media accounts. 

Then there's people like Melania Trump, who recently sold one of her own NFTs for a whoppin' $185,000. What she failed to realize is that all on-chain transactions are traceable. So when the data showed that it looked like she had bought her own NFT, the community went into an uproar. She denied it, but you can't deny on-chain data. (The same wallet address that bought the NFT sold the NFT.)

How to protect yourself from NFT scams

We're human. (Well, most of us anyway.) We make mistakes. That's normal. Having said that, there are precautions you can take to make sure you minimize your chances of costly human error. 

In Kevin Mitnick's book "The Art of Deception", the author states that the greatest vulnerability to companies is people. What he meant was that people can be easily persuaded into giving up valuable data via social engineering.

Mitnick acted as a consultant to such companies and helped train teams on data protection. You can take similar steps to protect your assets as well. Making yourself aware of the existence of these scams is the first step to protecting yourself. Exercising vigilance goes a long way as well. Scammers count on us to trip up and make human errors, and some of us often do, costing us dearly.  

 

Want an extra layer of protection? Go with a hardware wallet.

Image credit: olieman.eth  |  Unsplash

Hardware wallets store your private key, so that if it's not connected to your computer, the most a hacker can do is stare at your account balance. In other words, you add an additional layer of protection. 

The Ledger hard wallet does a great job. Trezor is another popular option.

 

If someone drains your funds from your wallet, you can't call the police. You can't take them to court, so there's no legal recourse. But if you think you're better off in real life, think again. 

Next time you find out that the Van Gogh you purchased is actually a fugazi, try to walk into a police station and file a report. But wait. Even before buying it, you'll have a hard time verifying whether it's even authentic. According to Art historian Thomas Hoving, various types of forged art make up to 40% of the market! Insane.

So now that we've covered the main NFT scams out there, here’s how you can protect yourself: Remain vigilant of these scams, and pay attention to the details. Most of these scammers rely on you slipping up when you’re tired, like by not double-checking the URL of the website you’re on. 

In closing: Be the skeptic

If an NFT project sounds too good to be true, it probably is. And this rule of thumb applies not just to NFTs, but to all crypto (probably to life too). 

It can be hard to ignore the siren call of extravagant promises of giveaways. Yet, the millions of dollars that have been lost are proof of that. So are the news headlines showcasing individuals who've suffered great reversals of fortune inside of a day. (And what a day that must have been.) 

So keep your cryptocurrency wallets close to your heart, and your crypto assets even closer. By becoming your own bank, you are assuming the very same security responsibilities of your banking institutions. But hey, as long as you remember to protect your neck, you can enjoy a fun shopping experience. 

And the added bonus? You'll never have to be that person at the party everyone's talking about, who lost their entire net worth due to some stupid link you clicked on. Right?

Related articles

    NFT Projects: How To Analyze Them Like A VC Pro
    There are 1000s of NFT projects on Solana, but how can you assess their potential? This guide covers exactly that.