NFT Brand Impersonation Scams
NFTs and Web3 are challenging known and traditional notions of ownership and control in our digital landscape.
NFTs help enable and empower a new generation of creators and entrepreneurs to monetize and distribute digital content in new ways, and take control of their work and build new types of communities and ecosystems on the Web3.
Overall, NFTs and Web3 represent a significant shift in the way we think about ownership, value, and control in the digital age, and are opening up new possibilities for innovation, creativity, and collaboration. On the other end, NFTs can also pose as another avenue of opportunity that threat actors can take advantage of to produce scams targeting corporate entities.
As we become more emerged in the Web3 ecosystem (the decentralized web), it's time to better understand key aspects of that system, namely NFTs, and how they could be used against your brand and put your reputation at risk, especially considering the recent 117% surge in NFT trading volume.
First of all, what even is an NFT?
Here’s where it gets a little boring. To spice things up, maybe this Saturday Night Live video explaining NFTs can help. Anyway, let’s break it down here:
NFT stands for non-fungible token.
Fungible is essentially a fancy word for replaceable or interchangeable. Cryptocurrency, for example, is fungible, because if you exchange one bitcoin for another bitcoin, you will end up with something of equal value.
NFTs are non-fungible because they are digital items, such as photos, videos and audio files with unique identification codes and metadata that distinguish them from other NFTs. So while an NFT may look identical to other NFTs they are non-fungible because of their unique identifiers which allows their value to be determined by the individual owner of the NFT and the value others on the market place on it.Source: OpenSea
NFTs receive their unique identifiers, including assigning ownership over the NFT, by being tokenised via a blockchain, hence why they are also called tokens. This process is also called, minting, where the NFT becomes recorded on the blockchain and is directly linked to a blockchain address, allowing it to be publicly traded.Source: AssetOnChain
The blockchain is a decentralized, distributed, public database that is used to record transactions that use a cryptocurrency system. All transactions are recorded publicly in a ledger across many computer systems, called blocks, that verify all transactions.Source: Investopedia
NFTs can be traded and exchanged for cryptocurrencies, money, or other NFTs. Buying an NFT does not mean taking ownership of the NFT. Instead you take ownership of a record of the purchase in the blockchain.
Web3 marketplaces, such as OpenSea, allow users to buy, sell, or create NFTs.
Essentially, NFTs are a way for people to buy and sell digital artwork. Below are some examples of different NFTs.
Ok, but why even buy an NFT?
Many NFTs consist of already existing digital creations, such as short clips from NBA games. So you may be thinking why on earth would I buy something when I can just take a screenshot of it, or view it for free online?
In many ways it's similar to collecting trading cards. People do it as a hobby, for nostalgia, as a form of investment, or for a way to build social connections with other collectors. Many also enjoy the thrill of the hunt, tracking down and hunting rare cards, and completing their sets. In the same way, once you buy an NFT it allows you to take ownership over the original item, which for many is a value in itself. For others it allows for digital bragging rights or a sense of notoriety. Think of it in this way, anyone can buy a print of the Mona Lisa painting, but only one person can actually own it.
In 2021, for example, Jack Dorsey, the founder of Twitter, minted an NFT connected to his first tweet from 2006 and sold it for $2.9 million to blockchain entrepreneur Sina Estavi.
Today, NFTs have evolved into many different things. Below are some examples:
Cryptokitties: one of the first NFT projects, which allows users to buy, sell, and breed unique digital cats.
Beeple's Everydays: a collection of 5,000 digital artworks created over 13 years, which sold for a record-breaking $69 million at auction in March 2021.
NBA Top Shot: an NFT platform that allows users to collect and trade unique basketball highlight clips.
Virtual real estate: some NFTs represent ownership of virtual real estate in online games and virtual worlds, such as Decentraland and The Sandbox.
Grimes' digital art: musician Grimes sold a collection of digital art as NFTs for nearly $6 million in March 2021.
So, in what way are NFTs bad?
When we say scammers will use anything at their disposal to trick people into falling for a cyberattacks, we truly mean ANYTHING. Cost of living crisis? Scams. FIFA world cup? Scams. Launch of ChatGPT? Scams. Earthquake in Turkey? Scams. Death of the British Queen? Scams.
Unfortunately, no matter how deplorable a situation may seem, people will not hesitate to manipulate you using social engineering techniques to scam you out of some money. Scams can range from incredibly complex to very simple.
As with anything, NFTs can and have also been used in scams. Often they involve the sale of NFTs that don't actually exist, or that are misrepresented as being more valuable than they actually are. Let’s take a look at a few different NFT scams.
Different types of NFT scams
Scammers may create fake NFTs by copying the artwork or digital asset of an original NFT and selling it at a lower price. Fake and stolen NFTs have no value, and victims often find out too late once they’ve bought the counterfeit NFT. It's crucial to always verify the authenticity of the NFT and its creator before making any purchases.
Pump and dump scams
This is a market manipulation strategy in which scammers create hype around a particular NFT to artificially inflate its value. They then sell their NFTs at a high price, causing the price to crash, leaving investors with a worthless NFT.
Threat actors may send phishing emails or messages that appear to be from a legitimate NFT platform or artist. They may ask for personal information or prompt users to click on a malicious link, leading to the theft of personal data or funds.
NFT investment scams
In these scams, cybercriminals may promise high returns on investment in NFTs or offer a share in the profits from the sale of an NFT. They may create fake investment schemes or Ponzi schemes, leading to the loss of funds.
Fake NFT marketplaces
Scammers sometimes create fake NFT marketplaces that appear to be legitimate, attracting unsuspecting investors to buy fake NFTs or deposit funds into a fraudulent wallet.
Using social media to promote NFT giveaways, scammers will encourage people to sign up to their fake website and receive a free NFT in return. However, before receiving the NFT, the scammer will request crypto wallet information and use that to breach the victim’s account allowing them to steal the victim’s NFTs and cryptocurrency.
NFTs in Brand Impersonation
As brands today all have some form of online presence (websites, mobile applications, social media accounts), replicating and impersonating a brand is a relatively simple task for threat actors to accomplish. Therefore, any digital asset that you create as a brand can be exploited by threat actors and ultimately damage your brand reputation. NFTs can be used in brand impersonation schemes in several ways.
Using NFTs to represent digital assets, such as images or videos, is great, however, scammers can misuse your brand assets by imitating the branding and imagery of your legitimate brand or product. They can create unauthorised NFTs that use the brand logos or other trademarked materials without permission. These fake NFTs can be sold on online marketplaces, often for significantly lower prices than the genuine article.
Online marketplaces, where NFTs are sold can also be impersonated by cybercriminals. They use similar domain names to the official website in order to trick users into believing that the marketplace is legitimate. Scammers may also create websites that appear to be affiliated with a popular NFT platform or marketplace, but which are actually designed to trick users into giving away sensitive information or purchasing fake or counterfeit NFTs. These impersonation attempts directly target the NFT marketplace and put their reputation at risk. Additionally, any fake or counterfeit NFTs sold on the marketplace could put the brand being impersonated at risk of reputational damage as well.
Scammers may also create fake tech support accounts that send messages to users asking for account information in order to provide support and then subsequently steal the victim’s credentials.
These tactics can damage the reputation of any legitimate brand by tricking users into buying an unauthorised product, which may showcase the target company in a negative light.
Protect your brand from NFT scams
Bfore.Ai provides enterprises with the necessary tools to safeguard brands from domain based attacks. Bfore.Ai's PreCrime Brand Technology identifies potential cyber threats by leveraging machine learning and artificial intelligence, which can identify patterns and anomalies in data to PreEmpt cyber-attacks and stop them before they occur. This proactive approach can help businesses stay ahead of cybercriminals and protect their valuable assets from the damaging effects of cybercrime.
Take control of your brand’s reputation and schedule a demo with Bfore.ai today to see how we can help your company stop brand attacks.