NFTs, or non-fungible tokens, have been all over the news in recent months. Whether it’s celebrities endorsing pictures of cartoon apes, California teenagers being arrested after perpetrating a multimillion-dollar fraud on gullible investors, or Twitter founder Jack Dorsett selling an image of his first-ever tweet for a cool $2.9million (more on that later), NFTs have been garnering more than their fair share of attention. Hitting the zeitgeist of meme culture, shiny tech appeal and crypto goldrush, NFTs appeal to classic human traits: curiosity, greed, and fear of missing out. The NFT market’s growth has been absolutely astounding, with total transaction value moving from less than $100million in 2020 to $23billion in 2021 and an as-yet-unknown number in 2022. Exponential growth doesn’t even come close to describing this! And without any regulatory framework, the NFT market is a flame to the scammer moths of this world. Whether through hacking, phishing, or stunts such as rug pulls (more on that later, too), con artists are fleecing innocent victims of millions of dollars. However, buyers and investors are not helpless in the face of this onslaught: there are simple tips and tricks to protect yourself from fraudsters and, if it is already too late, industry-leading cyber fraud investigators such as Cybertrace who have the technological capability to trace stolen NFTs and cryptocurrency and provide you with the crucial information you need to identify offenders and recover your digital assets. In this article, we will explore the wild rise of NFTs, document the key trends in NFT scams and frauds, and introduce Cybertrace’s exclusive new NFT and crypto asset tracing services. But let’s start with a simple question: just what are non-fungible tokens?
Non-Fungible Tokens Explained
The hardest thing to understand about NFT scams is what non-fungible tokens refer to in the first place. Fungible simply means interchangeable; for instance, any dollar you own is interchangeable with any other dollar, without a drop or increase in value. By contrast, a painting or sculpture in your possession is unique and not simply interchangeable with any other artwork. Finally, a token is a representation or voucher that stands in for an intangible object.
Applied to the virtual world, a non-fungible token is thus a record, contract or ‘digital passport’, that verifies the ownership of a unique piece of digital content, such as an image, song, video clip or animation. While artists can retain copyright and reproduction rights, and everyone with an internet connection can still access and copy the file, what you buy with an NFT is ownership of the work. The best analogy is probably with the artworld: anyone can buy a print of the Mona Lisa in the gift shop at the Louvre, but there is only one owner of the famous painting. And it is this symbolic ownership of a scarce object which can be traded with others that determines its value.
In addition to uniqueness and scarcity, transparency is another important aspect of non-fungible tokens. NFTs are created – “minted” – on the blockchain, a decentralised, digitally distributed, cross-network public ledger, where they are openly viewable and cannot be edited, copied and pasted, deleted or manipulated in any way. It is thus easy to verify both who currently owns an NFT as well as a complete history of its transactions. More particularly, NFTs are part of the Ethereum blockchain, which means that, in order to buy an NFT, you first must buy the cryptocurrency Ether. NFTs and cryptocurrencies are thus inextricably linked.
The Origins and Uses of NFTs
While NFTs were first developed in 2015, they didn’t really take off until late 2017 with the release of CryptoKitties. A tradeable collection of dopey-looking cartoon cats, CryptoKitties was a cryptocurrency-enabled trading game described as ‘Pokémon cards for the Bitcoin era’. It allowed players to trade unique non-fungible tokens associated with a particular kitty image on the Ethereum blockchain and was a huge hit at the time. While the CryptoKitties game fad eventually died, the NFT concept and its relation to digital art endured, spurred on by accelerators such as the increasing normalisation of cryptocurrencies and advances in blockchain technology.
It was the subsequent combination of the art market’s foray into digital spaces and the cryptocurrency-based speculative goldrush that really turbocharged NFTs. Tapping into what Wired magazine calls a ‘primary high-quality hoarding instinct’, non-fungible tokens might rely on complex new technology but they scratch much older capitalist itches: promises of convenience, get-rich-quick schemes and immediate gratification.
Three factors accelerated this process: firstly, the extension of the creator economy and its attendant drivers of scarcity and fan economics meant that there was a greater desire to buy unique objects directly from artists. Secondly, several budding crypto magnates with lots of spare Ether coins had a desire to be seen as digital arts benefactors. And finally, a huge number of crypto speculators, who were hoping to get lucky by buying and flipping any blockchain-based asset in sight, flooded the market. Taken together, these trends turbocharged the popularity of NFTs in the digital art market.
Apart from digital art, however, non-fungible tokens are also becoming increasingly popular in other sectors such as gaming, events, and sports trading cards, with toy manufacturers and even companies like Nike moving into the NFT space. Small businesses, too, are looking to utilise NFT projects for their ‘marketing campaigns, promotional tools and customer loyalty programs’. There are certainly lots of uses for NFTs, which all carry risks and benefits.
Benefits and Risks of NFTs
There are clear advantages to utilising NFTs in the digital art market, which is why many see it as a natural evolution of fine art collection. For artists, it presents a potentially lucrative pathway to selling their digital art and receiving ongoing royalties. If an artist sells an NFT of their digital artwork on a primary marketplace such as SuperRare, the artist has access to a much wider audience and receives the lion’s share of the funds, with the platform taking a cut of between 3-15%. If the buyer of the NFT later decides to on-sell it to someone else in a secondary transaction, the artist receives 10% of the funds every time it gets re-sold, thereby receiving perpetual royalties in a way analogue artists do not.
Buyers, on the other hand, have a way to directly support artists they like through the purchase of an NFT linked to a particular work. They also gain particular usage privileges as well as bragging rights regarding their ownership of the work. If they are art collectors, they also have easy access to a speculative asset with easily verifiable provenance that might appreciate over time and can then be sold at a profit.
Benefits notwithstanding, there are also significant risks associated with non-fungible tokens. To begin with, while investors might think that the fundamentals of NFTs are sound, it can be a highly speculative asset class that easily leads to excess and/or loss. We don’t even have to go to extreme examples, such as someone paying $100,000 for a virtual racing car but can simply come back to the aforementioned NFT of Twitter founder Jack Dorsett’s first-ever tweet. In March 2021, Dorsett auctioned said NFT, which sold to the blockchain entrepreneur Sina Estavi for a cool $2.9million. Sensing that he had captured a key memento of the techno-cultural zeitgeist, a year later Estavi tried to on-sell the NFT for at least $48million but attracted a high-water-mark bid of … an underwhelming $277. This is a salutary lesson that NFTs can be highly speculative, and that speculation is simply another word for gambling.
Another major concern that non-fungible tokens share with cryptocurrencies which are similarly dependent on the blockchain is that the “minting” of NFTs caries huge environmental costs. In particular, the computer-intense proof-of-work system behind it has a massive carbon footprint, with reputable estimates placing the amount of carbon dioxide produced for a single NFT mint at about 100kg, roughly equivalent to a 1-2-hour flight. When several bids at an NFT auction are included in the calculation, CO2 output increases by multitudes, a clearly unsustainable scenario in an era of climate breakdown and one reason why many businesses are choosing not to deploy NFTs.
Besides environmental concerns, there are several other risks associated with non-fungible tokens. For one, minting currently costs a minimum of $70, meaning that NFTs usually start at a minimum price of $100, making them inaccessible for many. Secondly, since NFTs are structurally modelled after artwork rather than currencies or shares, NFT platforms and marketplaces are not financially regulated, nor do they consistently enforce consumer protection law, copyright infringements or other intellectual property law. This means that unscrupulous dealers could potentially manipulate the market or even mint NFTs to artworks they don’t have any rights to! Finally, there is concern that criminals might use the overpriced NFT market for money laundering purposes. Despite these concerns, however, the NFT market has exploded over the past three years – and, with it, the number of NFT scams and frauds.
The Inexorable Rise of NFT Scams
With sales and market value of non-fungible tokens scaling new heights year after year and projections of a total value of a quarter trillion dollars by the end of this decade, criminals have been quick to cotton on to the possibilities in front of them. Authorities caution that, ‘with so much money on the line, NFT scams are now everywhere’, while others are warning of the NFT space as ‘the future of financial crime’. One of the biggest crypto-art marketplaces, OpenSea, estimates that a whopping four out of five NFTs created for free on its site are fraud or spam!
Already, cybercriminals are targeting NFT creators, owners, buyers, and investors through a variety of means, including hacking, phishing and social engineering. In doing so, they employ and mirror many of the techniques used to steal cryptocurrencies from unsuspecting victims, including hacking and malware ‘that are intended to gain unlawful access to victims’ digital wallets that store NFTs and other cryptoassets’. Others use social engineering scams to induce victims ‘to invest in fake schemes involving NFTs and to divulge sensitive information that can be used to breach cryptoaccounts’. In a nutshell, NFT scammers either try to steal your crypto wallet login credentials or trick you into believing you were successful in purchasing or selling a legitimate NFT when it is in fact counterfeit or worthless. But exactly what kinds of NFT scams are there?
Rug Pull scams
By far the most common crypto scam with 40% of all cases and netting $2.8 billion just last year, rug pull scams rely on creating a seemingly legitimate NFT project designed to lure victims into purchasing ultimately worthless or non-resalable NFTs. Rug pull scammers hype their project through social media until there is enough buy-in before rapidly backing off and taking their investors’ money. If they fool enough people into thinking they have an exciting project on the go, the scammers will essentially run off and pocket the investment while leaving buyers with NFTs they have paid big money for, but which don’t deliver anything.
Phishing Scams: Fake NFT websites, email offers, social media, and customer support impersonation
Professional NFT scammers can create near-identical counterfeit copies of popular NFT websites and marketplaces, which serve a dual purpose: they get victims to spend thousands of dollars on non-existent NFTs on the fake website and compromise their real account information, which scammers can later use to steal all their crypto-assets. Likewise, fake emails with embedded links route targets to the same phishing websites, and social media impersonators trick victims into thinking there are real people selling them NFTs rather than deceptive cybercriminals. Setting up dedicated fake Discord servers, customer service impersonators pretend to “help” confused NFT owners with their questions by asking for personal login information to “resolve” the issue, which gives them uninterrupted access to victims’ cryptocurrency wallets.
NFT giveaways/airdrop scams
NFT scammers often promote fake NFT giveaway campaigns while posing as legitimate trading platforms on social media channels such as Discord. Also known as airdrop scams, free NFTs are usually promised via a fake but legitimate-looking link to those who spread the fake company’s message and sign up on its website. As with other similar scams, as soon as you link your cryptocurrency wallet, the fraudsters will use keystroke spyware to record your login details in order to steal your NFTs. Airdrop scams will often target sold-out and sought-after collections to bypass victims’ rational defences.
Counterfeit or plagiarised NFTs
Some NFT scammers do not own the rights to the artwork they are minting an NFT for. They simply copy someone else’s work without their knowledge and then sell it on to victims who have no idea that it’s a worthless counterfeit without any value.
This scam targets NFT owners who are trying to resell their non-fungible token. NFT scammers pose as buyers who place the highest bid before quickly switching the nominated cryptocurrency for one of lower value, hoping the seller doesn’t notice until the transaction is completed. One recent example of this is someone accidentally selling an immensely popular Bored Ape NFT for an incredibly low 115 DAI (a stablecoin pegged to the dollar) instead of 115 ETH (equal to $380k dollars)!
Pump and dump schemes
Also called “wash trading”, this NFT scam again copies older securities fraud schemes whereby fake bids from multiple accounts inflate the perceived value of an NFT until some poor chump pays over the odds for it, never knowing that the other bids were all generated by the same scammer seller.
A variation of an old scam that, in this iteration, banks on cryptocurrency users’ anonymity, investor scams appear to create a worthwhile NFT project investment opportunity, only to be taking off with everyone’s money and no project to speak of. One of the oldest tricks in the book.
What Enables NFT Scams?
While NFT scams vary in approach and target, they do share a set of common approaches. For one, they take advantage of the relative newness of the NFT market and many users’ ignorance of the detailed workings of cryptocurrencies. Scammers also make heavy use of social engineering, ‘which involves emotional appeals, such as fear, pity, and excitement, to victimize targets’. By establishing interpersonal relationships and building fake trust and commitment, scammers can gain access to victims’ private login information or convince targets to unwittingly click on fake links and download malware.
Another enabling factor in the rise of NFT scams is the lack of regulation and oversight when it comes to digital intellectual property rights, speculative financialization of crypto-assets and unauthorized replication, or phony creation, of NFT artworks. Among other things, this results in scammers generating and peddling NFTs of high-profile artworks without the artists’ knowledge or consent. It also leads to artists being asked to pay money to have fake NFTs made from their work.
Finally, despite the burgeoning investment in the NFT space, there is a distinct lack of consumer protection, with no recourse or refunds for victims of scams. This also extends to the separate storage of content and metadata, where the NFT smart contract is stored on the blockchain, whereas the linked data is stored separately. Thus, if the site or server hosting the data disappears for a host of legal or illegal reasons and the digital artwork can no longer be accessed, the NFT would become worthless. All of these issues require careful attention by governments and regulatory agencies.
How to Protect Yourself From NFT Scams
With NFT scams sharply on the rise, due diligence and extra caution have never been more important. Potential investors should do their research and ask plenty of questions before buying any NFTs, including on Discord and other social media sites. Understanding both the community behind an NFT project as well as its creators’ background and technical expertise is vital. Beware of inflated social media followings and cross-check different platforms.
If buying NFTs, make sure you always verify the URL of legitimate NFT marketplaces, the sender address of any emails received from NFT trading platforms as well as any associated social media pages. Also, check the blue verification tick system that is used on NFT marketplaces and Discord channels. Finally, utilise dedicated blockchain explorers and rug pull detection tools, and review the transaction history of any NFT you wish to purchase. The more you ask questions beforehand, the less you have to suffer nasty surprises afterward. Unfortunately, however, no system is a hundred per cent foolproof.
What to do if You Have Already Been NFT-Scammed
Even the most careful investors can still get burned. New NFT scams are popping up all the time and it takes a lot to stay on top of them all. While there are now plenty of articles online with useful tips and tricks of how to protect yourself from getting NFT-scammed, none of them have much to say about what you could do if the fraudsters already got to you. But this is where you need the most help!
Thankfully, Cybertrace has again innovated in this space and brought its considerable cyber fraud expertise to bear on solving the NFT scam problematic. As the first Australian provider of cryptocurrency tracing services to the public, our company is now able to offer another exclusive service: NFT scam investigation and comprehensive crypto asset tracing. While the blockchain is anonymous, our experienced investigators can trace cryptocurrencies used in NFT transactions back to the scammer when they try to cash out their ill-gotten gains at an exchange. Know Your Customer (KYC) legislation means they can’t hide forever!
With scammers operating in the shadows, police overwhelmed and lawyers unable to act if they don’t know who is responsible for the fraud, identifying the culprits behind NFT scams and getting your money back has long felt impossible. Fortunately, Cybertrace’s NFT and crypto asset tracing services can now provide you with the vital information needed for you to pursue justice and start recovering your assets with the help of your lawyer, the police and specialist asset recovery firms. Speak to our experienced investigators today to have Australia’s leader in the field of NFT and crypto asset tracing on your side.