Open in app

Sign in

Write

Sign in

NFT Scams and Pitfalls

oun | nftnerds.ai
NFTNerds.ai
7 min readMar 16, 2022

--

You should always be extra careful when dealing with NFTs, regardless of the situation. Below you’ll find a collection of popular scams and pitfalls people in the NFT space fall victim to. This list is in no way comprehensive, it’s simply a collection of red flags to look out for.

Hacked Discord servers

Hacking Discord servers is a great way for scammers to mass-target loads of people. Most often they gain access after hacking one of the admins/moderators. It’s usually achieved through phishing that aims to get admin permissions on the targeted server. With that access they can use one of the channels to send fake announcements - often about additional stealth mints, complete with fake site links and pushing users to urgently perform a certain task. Connecting your wallet and signing a message on the fake site will often result in your wallet being drained of its contents.

Key takeaways:

  • Be very cautious when someone is rushing you to act fast. Reputable collections will usually announce their actions ahead of time.
  • Get familiar with the rules of the Discord servers you’re a member of.
  • Always refer to official links published on collection’s Discord. NEVER click any links sent to you in DMs or general chats.
  • Cross-check other major communication channels. Did the collection post the same announcements on Discord, Twitter and/or their official page? Any discrepancies are a huge red flag.

Phishing

Sometimes phishing is relatively obvious

Impersonating someone else has always been an easy way of scamming people online and the NFT space is no stranger to it. You’re most likely to fall victim to phishing while on social media, most often Discord or Twitter. It could be a message promoting a giveaway or a mint, claiming to be a member of support or even accusing you of scamming. Some scammers even go as far as creating entire replica Discord servers and fake websites to scam you via partnership or whitelist proposal.

Whatever the reason, you’ll likely be asked to share some sort of information (your screen, dev logs, password, seed phrase, etc.) or perform an action like signing a message in MetaMask or clicking something on a website. DO NOT DO IT. Remember that scams often look very convincing and lulling you into a few minutes of false security is all a scammer needs. In crypto you’re always a few clicks away from losing all your money.

Key takeaways:

  • Do not share your seed phrase with anyone.
  • Before engaging in a conversation with someone, confirm that they are indeed who they say they are.
  • Do not share your sensitive information.
  • Do not give anyone remote access to your computer.
  • Do not click any links and be very cautious whenever you sign or approve something in MetaMask.

Fake projects

At this point pretty much any moderately successful collection comes with its fair share of copycats, trying to trick people into buying them by mistake. This is the NFT equivalent of those garbage bin movies and video games trying to trick your grandma into buying them for your birthday. Although more often than not they are the lowest effort scams you can think of, every now and then you’ll come across a more elaborate scam - sometimes utilizing stolen artwork or impersonating someone famous or reputable. Even then though it’s pretty simple to check the original artists’ other media channels and confirm whether the NFTs are legit. Remember not to make rash decisions and keep a cool head.

Key takeaways:

  • Check official social media channels to confirm the credibility of a collection.
  • Keep an eye on slight changes in the names or low quality images that look out of place.
  • Before making a purchase, confirm that the address of the collection matches the official one.

Rug Pulls

You can’t even trust a porn star to not pull a rug these days (CryptoSis)

A rug pull is a type of crypto scam that occurs when a team pumps their project’s token before disappearing with the funds. It could range from fake-from-the-get-go projects never intended to be anything other than a scam, to those where good intentions were met with a harsh reality and losses were cut, typically at the expense of holders and members. Those are often hard to recognize. You could feel like you’re dealing with a legitimate project, until you realize their Discord is gone and so is your money, because the token you just minted is now worthless. It all just speaks to the risky and unregulated nature of the NFT space. Even when you’re doing everything right, you’re still at risk of losing your ETH.

Key takeaways:

  • If possible check creators’ other projects, social media, etc.
  • Be wary of projects that have a history of promising a lot but delivering very little. Very generic and overly-ambitious roadmaps could be a red flag and a sign of a possible rug pull.
  • Join alpha groups on Discord, such as MVHQ, Kapital or OriginsNFT and talk with their community about projects you’re planning to buy into. Alpha groups often have dedicated scam warning channels that notify you about any suspicious activity in a project.

Infected tokens

When something feels too good to be true, it probably isn’t true. Especially when it’s a free token that just appeared on your wallet. If you have no idea where a token came from it’s best to just leave it alone. Interacting with it could activate a malicious function that could empty your wallet of its contents. For more details on this particular scam visit: https://nftevening.com/nft-scams-how-to-keep-your-crypto-safe-and-protect-your-nft/.

Key takeaways:

  • Don’t interact with tokens you don’t know the source of.
  • Don’t click on links that might appear in their descriptions.

Queued unconfirmed transactions

Not every mistake has to involve scammers preying on unsuspecting victims. Sometimes you lose money simply because of negligence. Whenever you start a txn, but change your mind and don’t confirm it, remember to reject it. Because otherwise it just stays in your MetaMask, waiting for a confirmation. And when you try to confirm another txn later, you might accidentally confirm the old one. At that point you’ve just bought a token you didn’t want or confirmed an old approval while potentially losing the token you were after at that moment, especially if it was highly contested.

Key takeaway:

  • If you’re not planning on going through with a transaction, approval or signature, always remember to cancel it all the way through.

Not checking estimated gas fees before confirming

We saw cases where a collection had a bug in its contracts that made the mint incredibly heavy computationally. As a result, the gas fee required to mint an NFT from that collection reached as high as a few thousand dollars. It’s easy to miss in MetaMask, because not everyone is double checking gas before confirming.

Key takeaway:

  • Always check the gas fees before confirming a transaction.

Uncancelled listings

There is a bug on OpenSea that can cause old listings to become fulfillable again, even though you don’t see them in the UI.

It relates to all listings that you haven’t explicitly cancelled — below are 2 popular cases where we saw that happen.

  1. - You list your token for 0.5 ETH.
    - You want to save some money on cancelling, so you decide to transfer the token from wallet A to wallet B.
    - When you transfer the token back to wallet A, the 0.5 ETH listing becomes active again, even though you don’t see it in the UI.
  2. - You list your token for 1 ETH.
    - You relist it for 0.5 ETH and someone buys it.
    - If this token even appears in your wallet again, the 1 ETH listing will become active again (!) and you won’t see it in the UI.

Key takeaways:

  • Whenever you want to cancel a listing — it’s safest to do it explicitly. Otherwise it might be reactivated in a surprising way.
  • Remember that every listing you create is active until it’s either matched or cancelled.

Listings scam

Some listings are meant to be a ‘bait’. That means they are listed for say 0.1 only to be quickly re-listed mid txn for 10x more, so 1 instead of 0.1.

*shameless plug alert* To protect our users, we’ve added an alert that warns against price changing between clicking ‘Buy’ and MetaMask opening. We do our best to filter out these cases, but always remember to double-check for yourself whether everything is in order.

Key takeaways:

  • Pay attention to alerts in the bottom left corner of the NFTNerds.ai screen after clicking ‘Buy’. Specifically the one stating: ‘PRICE CHANGED’ and flashing a red light.
  • Always check whether the price that pops up in MetaMask before you confirm the transaction is indeed the price you want to pay.

Remember, this is not a comprehensive list. Scammers are inventive and very active in the NFT space, always coming up with new ways of draining your wallet of its contents, so stay vigilant. Never share your seed phrase, only connect to reputable sites, double-check every piece of information - and if your wallet is ever compromised, consider transferring its contents to another one.

Nft
Scam
Crypto
Cryptocurrency
Discord

--

--

oun | nftnerds.ai
NFTNerds.ai

Written by oun | nftnerds.ai

12 Followers
Editor for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams