NFT Traders, Beware of Social Engineering Hacks
Holders of blue-chip non-fungible tokens (NFTs) have long been targets of various types of attacks given the value of their possessions - and now scammers seem to have found new loopholes to take advantage of.
A popular vector of attack for scammers has so far been malicious links, where scammers hack into a project's social platforms and publish phishing links - as previously happened to Solana-based NFT collection Monkey Kingdom.
However, more recently, there seems to be a trend where scammers try to exploit loopholes in the UX (user experience) / UI (user interface) design of NFT platforms to steal valuable collectibles from potential users.
Just earlier this year, scammers were able to exploit an issue related to the UI design of major NFT marketplace OpenSea to buy NFTs for old listing prices, which were far below the collection's floor price.
In a similar manner, a Bored Ape Yacht Club (BAYC) NFT holder recently lost three of their valuable NFTs largely due to the poor UI/UX design of an NFT platform.
The pseudonymous 0xQuit took to Twitter to reveal the details of how user "s27," who entered into a direct swap trade using Swapkiwi, a peer-to-peer NFT swapping platform, fell victim to a scam.
Apparently, s27 had agreed to swap BAYC #1584 and two Mutant Ape derivatives (#13168 and #13169), cumulatively worth over USD 560,000 given the current floor price, with another user's BAYC #4424, #5406, and #2007 - only these BAYC NFTs were simply knock-offs.
Swapkiwi does display verified NFTs with a checkmark, but the checkmark appears within the image. Taking advantage of this, the scammer photoshopped fake JPEGs to place a checkmark on them, making them look like verified BAYC NFTs.
"The scammer added these checkmarks to the
Read more on cryptonews.com
