Common NFT Scams

Log of public scams/hacks

• OpenSea impersonation

In OpenSea, it's possible for an attacker to create a collection that looks just like the original, generate fake volume, and lure people into purchasing from their collection instead of the original. Some examples of what these look like:

To protect yourself from this scam:

1. Find the project's official Twitter/Discord website and only use links from those pages

2. Verify the collection's total volume. Scammers usually do not bother generating too much fake volume. If it's a legitimately low-volume collection, why would you want it anyway?

   1. Example from the legitimate Block of Horrors collection:
   2. Example from the impersonated Block of Horrors collection:
3. Verify the collection's owners. You can do this by clicking on the three dots on the OpenSea page and going to the Etherscan (or equivalent) page to check the number of holders. Impersonated projects typically have low holder diversity.

4. If you need to be extra safe, the only real way of knowing is to compare the contract address of the collection with contract addresses provided by the project.

Wallet drainers

Wallet drainers are projects with malicious code in their smart contract. When interacting with the contract, the malicious code is executed which may use approvals you've made for the contract to transfer high value tokens out of your wallet to the attacker's wallet.