The FBI said that once victims click the provided links, they are redirected to phishing websites masquerading as legitimate extensions of specific NFT projects.
The Federal Bureau of Investigation (FBI) has warned attackers posing as legitimate Non-Fungible Token (NFT) developers to steal cryptocurrency and NFT assets from unsuspecting victims.
In these attacks, the criminals either gain unauthorized access to NFT developer social media accounts or create nearly identical versions to promote new NFT releases. To lure victims, they deploy tactics making a false sense of urgency, using phrases like "limited supply" and promoting the NFT release as a "surprise" or previously unannounced mint.
The FBI said that once victims click the provided links, they are redirected to phishing websites masquerading as legitimate extensions of specific NFT projects.
The fraudulent websites urge victims to connect their cryptocurrency wallets for NFT purchases. However, this seemingly safe action creates a drainer smart contract that transfers their cryptocurrency and NFT assets into the criminals' wallets.
To obscure their tracks, the criminals use a series of cryptocurrency mixers and exchanges to make it difficult for law enforcement agencies to trace the final destination of the stolen assets. To mitigate the risks such scams pose, users must conduct due diligence and review social media accounts and websites to verify their legitimacy.
The FBI urged victims to promptly report any instances of fraudulent or suspicious activities related to NFTs through the Internet Crime Complaint Center. When filing a complaint, victims are said to provide crucial details, including links, social media accounts, crypto accounts, or domains associated with the scam, and to include the NFTHack keyword to make it easier to keep track of reports linked to this type of scam.
It is not the first time the FBI alerted cryptocurrency owners of scammers targeting their wallets in various ways. In March, the FBI warned of a spike in bogus cryptocurrency investment schemes called pig butchering, leading to losses of $2 billion in 2022.
This includes CryptoRom, in which criminals use fictitious identities on dating apps and social media platforms to develop romantic relationships and build trust with victims before introducing the idea of trading cryptocurrencies.
The operators are known to engage in initial conversation within the app with which they made initial contact with the target. Soon the chat is moved to a private messaging app such as Telegram or WhatsApp. Also, Criminals coach victims through the investment process by showing fake profits and encouraging victims to invest more, said the FBI.
To combat the rising tide of NFT-related financial fraud, the collaborative effort of the NFT community, platforms, and law enforcement is crucial. By reporting suspicious activities promptly, victims can play an essential role in helping authorities identify and apprehend these criminal actors, safeguarding the integrity of the NFT community and protecting fellow enthusiasts from falling prey to such scams.
Want your digital assets to be protected?
CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?