Browse Definitions :

Nabugu -

8 ways to avoid NFT scams

People and businesses are turning to NFTs to make money, trade collectibles and use as promotions. But scams are also trying to trick people and businesses out of money.

Nonfungible tokens are taking the digital world by storm with people making money and trading these digital assets. But there are also plenty of scams to dupe people and businesses out of money.

In March 2022, threat actors stole more than $600 million from Sky Mavis, developers of the popular NFT-based game Axie Infinity. The threat actors used hacked private keys to make withdrawals out of people's digital wallets.

Along with people trading and creating NFTs in marketplaces, businesses are using NFTs for the following:

  • domain name ownership;
  • customer promotions and loyalty programs;
  • identification and documentation;
  • supply chain and logistics;
  • art, sports, luxury brands or other forms of memorabilia; and
  • real estate transactions.

There are ways to be safe with NFT transactions and avoid falling victim to various scams.

What is an NFT?

A nonfungible token (NFT) is a unique form of digital asset on a blockchain. These digital assets are not interchangeable, unlike other types of cryptocurrency, and provide ownership authentication. All blockchain transactions appear in a digital ledger to record ownership.

Each NFT is unique and cannot be recreated or replaced. The following are examples of NFT types:

  • image
  • file
  • cartoon
  • virtual real estate
  • pet
  • video
  • trading card

People buy NFTs as unique investments and collectibles.

NFTs can sell for millions of dollars. For example, digital artist Beeple sold one piece of NFT artwork for more than $69 million. Other NFT collections, such as Bored Ape Yacht Club and CryptoPunks, are also selling for hundreds of thousands of dollars each.

The NFT market had $17.6 billion in sales in 2021.

Collage image of CryptoPunk NFTs
Collage of the CryptoPunk NFTs that are popular for collecting and trading

Common types of NFT scams

NFT scams either deceive people out of money directly or get credentials to access a person's digital wallet or cryptocurrency wallet. Unfortunately, it is hard to recover lost money or stolen digital wallet credentials after a scam.

Here are some of the more common types of NFT scams to watch for.

Rug pull

Scammers pull buyers in by promoting a fake NFT project or collection and promising them that they will make money. The scammers hype this asset on social media, but after it is purchased, all the promotion and any unfulfilled promises go away. This causes the value to drop drastically. The scammers also remove the ability to sell this NFT.


Phishing may be an old scam, but it's still popular. Typically, a phishing scam involves phony advertisements, emails and pop-ups taking people to a fake website. The fake website then requests users' private wallet keys to gain access to their digital wallets. Once scammers get a hold of this private information, they can deplete any NFT collections or cryptocurrency in the digital wallet.


Scammers use social media to promote NFT giveaways. The promotions typically offer a free NFT for spreading the word to friends or signing up on their websites. When it is time to collect the prize, the scammers ask for cryptocurrency wallet information to send the NFT, but instead, they gain access to the account and take any money or NFTs in the person's wallet.

Social media impersonation

Cybercriminals create online social media profiles to convince people to buy fake NFTs. They use social media to make their fake websites look legitimate.

Bidding scams

A bidding scam happens when someone tries to resell their NFT. After getting the highest bid, the scammer -- the highest bidder -- switches out the cryptocurrency to one of a lesser value. It may appear like the highest amount, but some cryptocurrency is worth less than others.

Click here to learn about cryptocurrency market prices.

Investor scams

When selling or buying NFTs, people remain anonymous, which makes it easier to create investment scams. With an investment scam, threat actors create a seemingly worthwhile project to invest in. After collecting money, they disappear without a trace.

A recent investor scam with the Evil Ape developer stole nearly $3 million in investments. Evil Ape appeared as part of the legitimate Evolved Apes project but vanished after collecting money.

Pump and dump

A pump-and-dump scam happens when a group buys a large amount of cryptocurrency or any other currency to drive the price up for demand. After the price increases -- or pumped up -- the group then sells -- or dumps -- the asset to cash in on the gains, and everyone else loses out.

Counterfeit NFTs

Scammers may steal or copy artwork and then list this counterfeit content on legitimate sites, such as OpenSea. Because it was stolen, copied or fake, the NFT has no value. The person has already made the purchase before realizing it is counterfeit.

Most NFT scams try to steal cryptocurrency wallet information or dupe people into purchasing a fake NFT.

8 tips to avoid scams

Most NFT scams try to steal cryptocurrency wallet information or dupe people into purchasing a fake NFT. Here are some ways to avoid these scams:

  1. Keep keys private. Never share cryptocurrency wallet information with anyone. These keys should be private, along with any recovery codes. No one needs to know these passcodes for any reason.
  2. Research the NFT seller. Before purchasing, look at the seller's NFT marketplace account, and check for the blue check verification mark. Also, research the seller's social media accounts, check other listings from this seller and look for any online reviews.
  3. Review transaction history of NFT. Be wary of NFTs with transactions on one day.
  4. Do not click on suspicious attachments or links. Even if the link looks to go to a real site, it can still be fake. It's best to always visit the site directly and not click on any links.
  5. Cross-check NFT prices. Before buying an NFT, go to trading platforms, such as Axie Marketplace, Mintable or OpenSea, to see if the prices are similar. If the price seems much lower or higher than those on these legitimate trading sites, it's most likely a scam.
  6. Watch the bids. Before accepting any bid, be sure to double-check the currency. Don't accept anything lower than expected.
  7. Create strong passwords. Be sure to create strong passwords for NFT accounts and cryptocurrency wallets. Two-factor authentication is another way to keep NFTs safe. Using facial recognition or fingerprints makes it more difficult for someone to steal an identity.
  8. Use reputable NFT exchange markets. Don't believe offers that sound too good to be true. New marketplaces are popping up all over and offer minimal security. Stick to reputable exchange markets, such as OpenSea, Rarible, Mintable, Foundation, MakersPlace and Axie Marketplace.

How to secure an NFT

After purchasing an NFT, it's best to move it to cold storage or hardware, such as Trezor or Ledger, and away from the marketplace account, which can be hacked by scammers. Cold storage options are safer because all the key information is in the device itself and not easy for threat actors to gain access to.

Another common way to store NFTs is in a software wallet, such as Coinbase or MetaMask. However, the access information of these wallets is stored online, so it can be found easier than those on a cold storage device.

Next Steps

9 common cryptocurrency scams in 2022

How is cryptocurrency valued?

FTX scam explained: Everything you need to know

Dig Deeper on Authentication and access control

  • remote infrastructure management

    Remote infrastructure management, or RIM, is a comprehensive approach to handling and overseeing an organization's IT ...

  • port address translation (PAT)

    Port address translation (PAT) is a type of network address translation (NAT) that maps a network's private internal IPv4 ...

  • network fabric

    'Network fabric' is a general term used to describe underlying data network infrastructure as a whole.

  • digital innovation

    Digital innovation is the adoption of modern digital technologies by a business.

  • business goals

    A business goal is an endpoint, accomplishment or target an organization wants to achieve in the short term or long term.

  • vertical SaaS (software as a service)

    Vertical SaaS describes a type of software as a service solution created for a specific industry, such as retail, financial ...

  • employee onboarding and offboarding

    Employee onboarding involves all the steps needed to get a new employee successfully deployed and productive, while offboarding ...

  • skill-based learning

    Skill-based learning develops students through hands-on practice and real-world application.

  • gamification

    Gamification is a strategy that integrates entertaining and immersive gaming elements into nongame contexts to enhance engagement...

Customer Experience
  • Microsoft Dynamics 365

    Dynamics 365 is a cloud-based portfolio of business applications from Microsoft that are designed to help organizations improve ...

  • Salesforce Commerce Cloud

    Salesforce Commerce Cloud is a cloud-based suite of products that enable e-commerce businesses to set up e-commerce sites, drive ...

  • Salesforce DX

    Salesforce DX, or SFDX, is a set of software development tools that lets developers build, test and ship many kinds of ...