Imagine you get into a new space and don’t know how the conventions and practices are. Suddenly, someone tells you that you can buy an NFT that is high profile. Do you jump on it? Probably yes.
Soon after I got into the NFT space, I was astonished by how many scams there are in this space and how tricky scammers can be. Hearing from friends who are new to NFTs that they got scammed on day 1 and seeing tweets from people who got scammed and lost all their money and assets, this space can feel really scary for newcomers. Because of these stories of people being scammed, many people think all NFTs are a fraud, which should not be the case.
As this space is so new, it sometimes feels like a Wild Wild West, but there are some easy things you can do and keep in mind to avoid being scammed. I will try to cover the most important aspects, which I feel is helping you to protect yourself and your assets. These are:
- Test your knowledge
- BE SKEPTICAL
- Golden rule: never give your seed phrase to anyone
- How to avoid scams
- scams on Opensea
- scams on Discord
- scams on social media
Test your knowledge
Think you already got all knowledge to win against scammers? Then I urge you to take this test and prove yourself: Curious Addys Trading Club Official Scam Test
Be skeptical
If you think like “Wait a minute? This guy is writing about scams and then asking us to open a link? Is this a test?”, then you are on the right path to win against scammers already. However, it is not a scam.
Being skeptical is a good recipe in this space. When I entered, I found scams to be really annoyingly crazy and elaborate. I was just new and was hunting to participate in a project called “Mekaverse” which was ofc very hard to get into. So just before the mint started I got a DM saying that I could access the mint via a special link. Sounds too good to be true? Yes, you are right. Legit projects will never DM you. Since, I was new to the space I was skeptical but also didn’t know how things were handled in the space. Hence, I asked within the official discord group and they quickly told me that it was a scam.
There is tons of money in this space and the industry is growing at a rapid pace. People are excited as the potential for some NFTs is enormous. The downside of this is that it is also very profitable for scammers, which is why they become very elaborate in their efforts to scam you.
Golden rule: never give your seed phrase (=private key) to anyone
The most important thing to protect yourself is to never give your seed phrase to anyone. Knowing the seed phrase is like the golden ticket to Willy Wonka´s Chocolate Factory.
If a scammer gets to know your seed phrase then he will be able to import your wallet via his own device, which in turn enables him to transfer all of your stored crypto & NFTs to his own wallet. Once the transactions are made, there is absolutely no way to get it back. So it is…
ABSOLUTELY IMPORTANT TO KEEP YOUR SECRET RECOVERY PHRASE SAFE AND NOT SHARE IT WITH ANYONE OR ON ANY SITE. YOU WILL NEVER EVER NEED YOUR SEED PHRASE OR PRIVATE KEY AT ALL FOR ANY TRANSACTION, SO IF ANY SITE OR PERSON ASKS YOU FOR EITHER, THAT IS AN IMMEDIATE RED FLAG.
I will give you one example of how such an attempt could look like. This message was sent to thousands of Discord users on November 28, 2021.
At first glance, this message looks decent. Recognicable Name, Domain and picture. People who clicked on the link, were redirected to a phishing site, and were asked for their metamask password and seed phrase. Some people unfortunately gave it to them. Interestingly, all these people did say they knew it is a must-not do thing to give out your seed phrase, but sometimes, people are busy, tired, in a hurry and so it can happy to anyone. Afterwards many people realized what they had done was wrong immediately, but everything was already gone.
Fun fact: the scammers say in their message that the collection on Opensea is not yet live, and that you can only mint through their site. Scammers scam scammers. LOL
How to avoid scams
Just imagine you own this beautiful piece of art that you were grinding hard to get onto the whitelist for. You spent hours and hours being active in discord and then you can finally mint the NFT and the project is set to go to the moon. Now, imagine if you wallet has been compromised and your NFT taken from you. In the following, I will discuss how to protect yourself on the different platforms and how current scam techniques may look like.
Scams on discord
Discord is a popular tool for building communities in this space, but not everyone is perfectly familiar with it as it is primarily used for gaming. As it’s still a somewhat new platform and not everyone is used to it, there are so many scammers living in Discord trying to get your seed phrase or password. Here´s a couple of things you will need to keep in mind to avoid getting scammed.
Golden rule: never click any promotional links from DMs
Once you start joining Discord servers for various NFT projects, you will start getting millions of DMs. DMs and Discord server icons are located all on the same place (the left side of the app) and when you click around the icons, you will naturally see some DMs. It is actually really confusing, because some DM users will have the same icon and name as a channel you´re actually part of, to try to pretend to be the channel and not a user. Here is how to tell a user DM apart from a channel message.
No legitimate project will ever send you a DM as an announcement for minting, drops or giveaways. All the announcements happen in one of their discord channels, so please do not respond or interact with any DMs, even if the seam from an official member of any team – they never are.
Here are some other examples of scam messages:
Change your server privacy settings
A very good way to avoid being scammed in such a way is to adapt the privacy settings on your servers. Because how do scammers find you and know what you are interested in: through common servers. If you are in Hapebeast servers the scammers know that you are interested in getting an NFT and hence they will send you lots of DMs pretending that mint is ready or that you have won a giveaway.
In order to change the settings, right click the icon of the server you are in and select privacy settings and turn off “allow direct messages from server members”.
You can also choose to disallow direct messages from all your servers. For that you need to click on the settings button next to your profile name on the bottom left.
After being in the space for some time, I found that it is not necessary you have direct messages turned on. Nobody legit will DM you. In case I really expect a message, then I turn on direct messages for a short time until I disallow it again. This gave me a lot of peace of mind. Chat with friends are not impacted by this setting.
Avoid a project or Opensea support scam
I am always grateful to anyone who shares the story of when and how they got scammed, as it helps us and others to learn and not to fall into the same trap. One of the best stories I read was from Jeff Nicholas. I highly recommend reading his tweet of what happened. It sounds utterly painful and sad and will make you feel like you really need to be careful.
In short, what happened is that he joined the Opensea server to resolve one small royalty issue and got a DM from someone called “Pascal | Opensea”, who usually posts on the opensea support channel. Jeff was invited to a separate discord channel where, after some back and forth conversation he was asked to share his screen. You can imagine what further on happened.
Remember that neither Opensea nor any other project/staff members will:
- contact you in DMs first
- ask for your wallete seed phrase
- invite you to a different server
- ask you to click a link to “fix” your wallet.
How to avoid being scammed on Opensea
Discord is not the only place where scammers try to take money out of your pocket. Also on the NFT platform itself, you need to be skeptical and check twice if you have found the right collection or NFT.
Check the name of the project
One of the easiest things to look for is if the name of the project is correct. Here it is best to check how the official collection is called in the discord server.
Let´s say you want to search for the Meta Legends Collection. You type in “metalegends” and find this.
Actually all of these collections are fake. You can easily see it by 1.) the number of items that the collection has and 2.) by the name (if you checked discord). The real collection can be found if you type in meta-legends with 11k items. The difference is so small but very important.
Look for a verified badge
Opensea uses a badge to verify certain accounts and collections. This is a sign that the collection or account is legitimate. In the example below the collection of SpacePunksClub has been verified by Opensea.
However, beware of tricky scammers. They sometimes take this badge and add it to the picture. Thank god, Opensea updated don’t put the badge anymore next to the picture to make it less easy for scammers.
Another possibility is to check if Opensea has verified the creator account. See below the tag.
Usually the barrier to get recognized is when you trade 100 ETH. However, many projects have passed this barrier and have not yet been verified. Opensea needs to speed up this process.
Check the # of items and volume
Another way to check the validity of a collection, is to have a look at the traded volume and the # of items.
The collection below is legitimate. It has 11.7k items and volume traded is 2k ETH.
The collection below is fake. Only 53 items by 4 owners and 0,5 ETH traded. Usually, the collection is fake if it has:
- less than 1k items – scammers don’t have the time or money to create 10k NFTs, so the number is usually pretty small like less than 1k
- low volume traded – the volume traded here is sadly the amount that victims paid to scammers, hopefully pretty small
- low floor price – the price usually is too good to be true for those major popular projects
Usually, tools like Rarity Sniper or Rarity Tools have the exact same information as Opensea. You can cross-check whether your collection has the same amount on both sides. Usually, we can trust this data, as creators have to pay quite a high fee (rarity tools = 2ETH) to have their collection listed.
Check properties
Another quality criterion can be found in the properties of the NFTs. If you have a detailed look at one NFT and go to “properties” the official ones have described the various traits each NFT has. Fake collection often don’t have the properties tab at all as it is time consuming to create them. However, some do take the time to create them. So pls use this criterion only if there is no properties tab as a fake check and search for confluences with multiple other things.
Check the contract address
Another more advanced way to check the validity of a collection is to compare the Contract Address. Teams usually post their official contract address on their official website. So you can check the posted contract address and compare it with the one on Opensea and on Etherscan.io. If it matches then you have the right collection.
Scams via social media
I have also been scammed/rug pulled once. Being an NFT newbie, I followed an “influencer” on Twitter who said that he is minting “The Mask Man” who are doing a stealth launch. He promised that it would be the next Fidenza´s or next BAYC. Hence, in a hyped-up NFT space you tell yourself you would regret not taking a chance on what could potentially be the next BAYC. I checked the website, discord etc and thought to have done proper research. Therefore, I connected my wallet and minted an NFT. I even got the NFT into my wallet. All good so far. Only a couple of days later, the discord, the web and all social media accounts disappeared and never have we heard of “the Mask Man” again. I keep the NFT as a reminder that we have to be careful and skeptical when interacting in this market.
Do you need to get scammed at least once in order to say you that you were really initiatied in the NFT space?
No, you don’t need to. But if you do, then make sure it is a small one.
The techniques describe in this article are the ones which I find to be the major ones at the moment, but scammers are creative and come up regularly with new ideas to pick your pockets. At days, it seems like a Wild Wild West. I hope that by this article, you learned something and that maybe I could have helped you to not be scammed like many others.
I hope you learned something today and would love you to consider following me on my twitter @0xCryptonite if you like more recent updates about the space.