NFT scams are evolving and it’s important to be aware of the different types of scams that are present in the market, even on reputable marketplaces like OpenSea.
One of the latest types of NFT scams on marketplaces involves the use of “mysterious” NFTs that show up in your wallet without you having purchased them.
These NFTs are often offered for sale at inflated prices on marketplaces like OpenSea and can appear to be too good to be true, which is a sign of an opensea scam.
However, it’s important to remember that if something seems too good to be true, it probably is. Another type of NFT scam is the use of “mirror” or “clone” websites that mimic legitimate NFT marketplaces like OpenSea.
These sites may use similar branding and logos to the legitimate site, but they are designed to steal your personal information or steal your NFTs. Be cautious of any site that asks for your private key or seed phrase, as these are signs of a scam.
NFT Marketplace Exploits the Old Way
The “approval” function on OpenSea is a smart contract function that allows you to give permission to the marketplace contract to transfer your NFTs or Ethereum (ETH). By signing this function, you are authorizing the token contract to allow the transfer of your assets to another party on the marketplace.
This Is a Necessary Step
Transferring NFTs or ETH on OpenSea and ensures that only you have control over your assets and can authorize their transfer.
When it comes to the potential open-sea scam issues, it’s important to be aware of the risks associated with using smart contract-based marketplaces like OpenSea.
While the platform itself may not be a scam, there is a possibility that malicious actors could exploit vulnerabilities in the smart contracts to steal your NFTs or ether.
This is what happened with the old Wyvern contracts used by OpenSea, where a single hacker was able to steal 10 Azuki’s, 8mfers, and 3 Mutant Apes with just one signature, due to the vulnerability in the contract.
To avoid falling victim to an open sea scam, it is important to only use marketplaces that have been properly audited and have a good track record of security.
Additionally, only approve contract calls from trusted sources, and keep an eye on your approved NFTs and ethers.
It is important to be aware that some malicious actors may use phishing tactics to trick users into approving contract calls that will allow them to steal their assets.
For example, As stated by 0xfoobar, a developer and expert in the field of Defi and MEV, the message displayed on a website notification may say “click here to animate your ape,” however the actual transaction that occurs within a wallet will say “SET APPROVAL FOR ALL.”
This means that by clicking on the link, the user is giving permission for the contract to transfer all of their assets, not just the specific NFT they thought they were animating.
It is crucial to always check the details of the transaction and make sure it is what you expect before approving it.
NFT Marketplace Exploits: A New Way
This type of scam is known as a phishing scam, where the attacker attempts to trick the victim into providing sensitive information or signing a malicious transaction.
In this case, the attacker is using a fake error message and a malicious URL to try and trick the victim into signing a transaction that would allow the attacker to take control of the victim’s NFTs or steal their cryptocurrency.
It is important for users to be cautious and not click on any links or enter personal information on any sites that they are not familiar with or that look suspicious. Additionally, users should always verify the authenticity of any transactions or offers before proceeding.
That is correct. It is important to thoroughly research and verify the authenticity of any contract or asset before interacting with it on the blockchain.
Additionally, it’s a good practice to not share your private keys with anyone and to use a hardware wallet to store your assets. It’s also important to be cautious of phishing attempts and to double-check the URL of a website before entering any sensitive information.
Additionally, be aware that gas prices can be high during periods of heavy network usage, so it’s important to be mindful of that when making transactions.
Read Also: Can You Copy An NFT?