The Federal Bureau of Investigation (FBI) has raised a red flag over a new wave of financial scams that target unsuspecting internet users interested in acquiring Non-Fungible Tokens (NFTs). In a recent announcement, the agency highlighted a sophisticated scheme where criminals disguise themselves as legitimate NFT developers.
Beware of “drainer” contracts
According to a public service announcement published by the FBI yesterday, the malefactors employ two main methods to lure their prey. They either hijack the social media accounts of genuine NFT developers or craft ones that appear almost identical.
Once in control, they promote seemingly exciting NFT releases, often peppered with phrases like “limited supply.” They label such promotions as “surprises” or unannounced mints to spark urgency.
But the real danger lurks behind the links they provide. These are not gateways to lucrative NFT opportunities. Instead, they’re phishing traps that lead to sham websites designed to mirror genuine NFT project platforms. Unwitting victims are encouraged to link their cryptocurrency wallets, intending to purchase the advertised NFT.
In a sinister twist, when victims make this connection, they are, in fact, tying their wallets to a ‘drainer smart contract’. This sinister move allows criminals to swiftly transfer both cryptocurrency and NFTs from the victim’s wallet to their own. The stolen assets are then meticulously laundered through a maze of cryptocurrency mixers and exchanges, effectively masking their trail and final destination.
How to avoid being wrecked?
To safeguard oneself, the FBI has provided a few vital tips. First and foremost, it urges potential buyers to exercise caution when encountering any “surprise” NFT offers. It’s essential to verify if the developer in question has previously engaged in surprise mints or expressly stated their intention to avoid such promotions.
Another crucial step is verifying the authenticity of the social media account touting the NFT. Red flags include misspelled account names, suspicious account history, differing screen names, and discrepancies in followers or account creation dates.
Moreover, potential buyers should be hyper-aware when asked to connect their cryptocurrency wallet to any website. Signs of a fake website include misspelled domain names, superfluous URL characters, or dysfunctional links that loop users back to the homepage.
Report any suspected activity to help others avoid scams
Above all, the FBI’s timeless advice remains: if an opportunity sounds too good to be true, it probably is. They urge victims of such scams to promptly report any suspicious activity to the FBI Internet Crime Complaint Center, ensuring they include pertinent details like links, social media accounts, and crypto account information, under the keyword “NFTHack”.
The FBI has been involved in several investigations related to crypto ransoms, frauds, and other illicit activities, underlining the complexities and risks associated with the evolving digital financial landscape. Just recently, the agency searched the home of Jesse Powell, the founder of the Kraken exchange, as part of a criminal investigation.