FBI Warns of Phishing Scams and Social Media Account Hijackers

In the rapidly expanding world of nonfungible tokens (NFTs) and cryptocurrencies, the Federal Bureau of Investigation (FBI) has issued a stern warning about the rising threat of phishing scams and social media account hijackers. Criminal actors have been targeting active users within the NFT community, using deceptive tactics to steal funds and assets.

The Deceptive Scheme

The FBI’s public service announcement, released on August 4, highlights the modus operandi of these cybercriminals. They either gain direct access to legitimate NFT developers’ social media accounts or create almost identical accounts to promote fraudulent NFT releases. To create a sense of urgency, they use phrases like “limited supply” and promote the NFTs as a “surprise” or previously unannounced mint.

“Criminals either gain direct access to NFT developer social media accounts or create almost identical accounts to promote new NFT releases. Fraudulent posts often aim to create a sense of urgency, using phrases like ‘limited supply,’ and refer to the promotion as a ‘surprise’ or previously unannounced mint.”

The fraudulent posts often contain phishing links that direct victims to spoofed websites that appear identical to legitimate NFT projects. Unsuspecting users are prompted to connect their digital wallets to claim or purchase NFTs, but instead, they unknowingly connect to a drainer smart contract. This results in the loss of their funds or assets.

Although the basic premise involves convincing users to connect their wallets to malicious platforms, the scams have become increasingly sophisticated. Some victims have fallen prey to these schemes without even directly connecting their wallets. For instance, in one reported case, a user mistakenly clicked on a spoof Looks Rare NFT marketplace website and had over $300,000 worth of NFTs stolen. The fake website was even promoted at the top of Google’s search results as a paid ad, emphasizing the need for improved security measures from search engines.

Social Media Account Hijacking

In addition to phishing scams, criminals have been hijacking social media accounts of prominent figures in the crypto and NFT space. Recently, hackers tweeted a phishing link from Uniswap founder Hayden Adams’ Twitter account, further amplifying the danger of these attacks. By impersonating respected individuals, the hackers gain the trust of unsuspecting followers and lure them into falling victim to their schemes.

To protect themselves from falling prey to these scams, the FBI has provided essential tips for NFT enthusiasts and crypto users. Firstly, it is crucial to research and vet any opportunities, such as surprise NFT drops or giveaways, before clicking on any links. Doubts should arise if the promotion seems too good to be true or if the urgency feels forced.

Moreover, individuals are urged to double-check website URLs and account names for discrepancies, as impersonators often use subtle variations to deceive users. Awareness and vigilance are key to thwarting these cybercriminals and safeguarding one’s hard-earned funds and assets.