Tricks Attackers Use To Scam People Buying NFTs

Share post:

Cisco Talos researcher, Jaeson Schultz has uncovered several tricks cybercriminals could use to defraud users buying or minting NFTs. This includes malicious smart contracts, sleepminting, and seed phrases.

The seed phrase is a representation of a long string of random numbers. A digital wallet uses it to generate the private keys that let users send and spend their crypto.

Bad actors, therefore, disguise themselves as customers service agent while offering to help users as long as they provide the seed phrase for their wallet.

Sleepminting involves attackers using malicious smart contracts to mint NFTs to other people’s wallets. The minted NFTs are then transferred from those other wallets so the NFT can be sold to an unsuspecting buyer.

Steps NFT buyers can take to protect themselves include using good security fundamentals (solid passwords, MFA), and examining internet, ENS domain, and crypto wallet addresses.

Others include using a hardware wallet to add another layer of security, rejecting every request to disclose their seed phrases, researching their purchases, and verifying the source code of a smart contract before buying anything.

For more information, read the original story in TechRepublic.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

UK leads takedown of LockBit ransomware gang’s website

The LockBit ransomware gang’s website has been seized, several news agencies reported late Monday. The Reuters news agency and The Register are carrying stories based on a new splash screen that has appeared on the gang’s website. It says, “This site is now under the control of the National Crime Agency of the UK, working

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways