The Federal Bureau of Investigation (FBI) has issued a warning regarding criminal actors who are hijacking social media accounts and impersonating legitimate individuals in the nonfungible token (NFT) and cryptocurrency space. The FBI also expressed concerns about the increasing number of victims falling prey to scamming methods involving spoof websites that deceive users into thinking they are on legitimate platforms, only to steal their NFTs and cryptocurrency.
In a public service announcement released on August 4, the FBI urged the public to be cautious of “criminal actors posing as legitimate NFT developers in financial fraud schemes targeting active users within the NFT community.” These fraudsters gain access to NFT developer social media accounts or create fake accounts to promote new NFT releases. Their posts often create a sense of urgency by claiming limited supply and referring to the promotion as a surprise or unannounced mint. These posts contain phishing links that direct victims to spoofed websites that appear to be extensions of the particular NFT project.
The scam websites typically prompt users to connect their wallets to claim or purchase NFTs. However, these connections are linked to drainer smart contracts that result in the draining of funds or assets. It is important to note that there are instances where funds can be stolen even without directly connecting wallets to dubious websites. For example, a user on Twitter stated that they accidentally clicked on a spoof Looks Rare NFT marketplace website and did not connect their hot wallet, yet still had over $300,000 worth of NFTs stolen. This fake website was promoted as a paid ad at the top of Google’s search results, highlighting a persistent issue that Google has yet to address.
Furthermore, there has been speculation as to how victims can have their NFTs drained without connecting their wallets. Some argue that malware may be enabling access or control over the victim’s PC, while others suggest the presence of a hidden MetaMask wallet signature link on scam websites that could be accidentally clicked.
On the same day, Scam Sniffer, a Web3 anti-scam platform, reported that someone lost $446,000 worth of Bitcoin, Ether, and Pepe coin due to a phishing link. The Pink drainer address was identified as being behind the phishing hack, and it was suspected that the scam occurred through two fake airdrop links promoted by hijacked Twitter accounts.
To protect themselves from these scams, the FBI advises individuals to thoroughly research and vet any opportunities, such as surprise NFT drops or giveaways, before clicking on links. The agency also encourages users to double-check website URLs and account names for any discrepancies to avoid falling victim to impersonators.
With the increasing popularity and value of NFTs and cryptocurrencies, it is crucial for users to remain vigilant and take necessary precautions to safeguard their digital assets from criminals looking to exploit the booming market.
Source link