NFT scams - how not to be a victim

David Bailey



With crypto-based and NFT scams becoming increasingly more sophisticated, it's easier to fall for them than ever.

Although NFTs have much broader use cases in supply chain, drug development, gated communities, the most known use case is still buying and selling digital art. And when it comes to any exchange of money, there will always exist people trying to scam others. 

The use of these cryptographic assets for trading digital art caught the attention of web enthusiasts worldwide after reaching a market value of $87 billion in February 2022. However, as NFT popularity rose, so did public interest in 'NFT scams.' Searches for the term peaked at an all-time high in the first week of February 2022 on Google. 

As is with procuring any pricey collectable, buyers should make themselves aware of the NFT scams and fraud schemes used to deceive them. Our team has collated this NFT scams guide so buyers can educate themselves on almost everything there is to know, from what they are to how they work. 

Scams target people of all backgrounds. 

Scammers succeed because what they do seems natural to you, but usually, they are too good to be true. At Supplain, we want to educate our community about cryptocurrency, NFTs and safety. Here is our guide to help you avoid getting scammed.

Resources you'll love:

What are NFTs?

Non-fungible tokens (NFTs) are one-of-a-kind digital assets exclusively belonging to an owner. They exist on a blockchain, also known as a digital ledger. 

'Non-fungible' refers to their uniqueness and protection from counterfeiting, replicating or replacing. NFTs can exist on blockchains, for example, the Ethereum blockchain, meaning you can only use Ethereum (ETH) cryptocurrency to create, store and trade an NFT on this digital ledger. 

How do NFT scams work? 

NFT scams when trading digital art succeed by either tricking you into believing you successfully purchased or sold a legitimate NFT or stealing your cryptocurrency wallet login credentials.

Online hackers and cybercriminals are attracted to the enormous monetary value attached to digital assets; hence, they adapt their scamming methods to include phishing and social engineering to steal NFTs or break into crypto user accounts. 

With eye-watering five or even six-figure price tags being charged to buy NFTs, scammers are inevitably attracted to them. These amounts may seem like a lot for a JPEG; however, NFT creators will respond with the following: utility

Because NFTs create a digital record of ownership on the blockchain (known as 'minting'), this digitally tokenised artwork can also serve as an exclusive membership ticket to online clubs, gaming communities, music concerts, Discord chat rooms and other metaverse experiences.

At least, that is, in theory. 

But in practice, NFTs are still a new concept to mainstream audiences. Whilst blockchain enthusiasts consider them an exciting signal that mainstream crypto adoption is on its way, NFTs sadly create some lucrative opportunities for scammers due to the pure volume of money exchanging hands.
Here are the biggest NFT scams concerning losses in buying and trading NFT artwork, how to avoid them and why they're becoming so frequent.

Popular NFT scams

Phishing scams

Phishing scams involve tricking users into willingly giving over their personal information, which scammers can then use for malicious purposes.

For instance, when buying your first NFT, you'll need to sign up for a wallet that transacts on a blockchain, like Ethereum. Because MetaMask is the most popular Ethereum wallet for NFT collectors, it began to be targeted by NFT scammers. The phishing scam included phoney ads that asked for users' 12-word security seed phrases.

Once a scammer gets ahold of your 12-word security seed phrases through a phishing attempt, they can drain all of the crypto tokens in your digital wallet.

When signing up to purchase your first NFT, always check to use the right websites to open a wallet and never share security seed phrases.

Fake and replicated NFT websites 


NFT scams can be very sophisticated. Cybercriminals can replicate NFT marketplaces and websites to convince users they are the real website and fool them into compromising their account information.

Because of the level of sophistication, users cannot determine which page is legitimate or a counterfeit one; even experienced NFT owners can get tricked.

NFT scams like this sadly result in individuals spending thousands on counterfeit digital artwork — thus becoming worthless on the NFT market.

Always verify the website or NFT marketplace URL you use before logging in to avoid this scam.

Bogus or fake NFT offers 

Similar to the above, NFT scams include posing as an NFT trading platform or marketplace and sending fake emails to NFT owners. These phishing emails aim to get NFT owners to follow an embedded link taking them to a fake NFT marketplace with an enticing offer.

Once there, you'll be asked to log in and enter your details to obtain your NFT offer. Sadly once you do this, scammers use keylogging or spyware to record your information and then steal your NFTs from a real NFT marketplace.

Always check the sender address of any email received from an NFT trading platform - message them and ask do they send these types of emails? 

NFT giveaways or airdrop scams 

"Are NFT giveaways and airdrops legitimate?" 

The quick answer is not always. 

NFT scammers pose as legitimate trading platforms for NFT holders to promote NFT giveaways, also known as airdrop scams. They promise a free NFT in return for spreading their message and signing up for their website.

However, once you link your crypto wallet to receive the NFT prize, scammers record your details and then steal your NFT once they have gained access to your account.

Avoiding this scam can be tricky, but typically we advise examining the account's social media page for verification or ensuring the link sent matches the NFT company's URL.

Social media impersonation

Used as a way to scam others using an NFT giveaway or airdrop, impersonating another NFT owner on social media has been trending a lot lately. 

Using similar sophisticated details as they would a fake BFT website, cybercriminals create an online profile, copying a true NFT holder's details to convince others of their credibility and then sell them counterfeit NFT collectables.

Check the blue verification tick next to a seller's profile to verify their identity. Maybe even direct message them to seek if they are genuine. Scammers will eventually trip over their own lies.

Impersonating well-known brands

Hopefully, most of us will recognise this quickly as something too good to be true. Social media accounts of legitimate organisations like Binance are copied to obtain access to your personal details, namely your wallet credentials. The fake business social media account will often have a URL to a phoney website, too. The URL is a slight variant of the valid business web page.

Again, check for the blue verification badge; if it is not there, then definitely question the validity of the social media account and even report it if it is fake.

Impersonating customer support  

Hackers will use the NFT owners' questions against them by impersonating customer support pages on apps like Discord, Twitter or Telegram. 

This NFT scam includes creating fake servers to connect to and then asking for personal details so that the fake customer support can 'resolve' their issue. Yet, in practice, they are gaining uninterrupted access to your crypto wallet.

To avoid this customer support scam, only access the Telegram or Discord server created by the NFT creator's official website or social media account. 

Fake NFT projects (rug pull scams) 

NFT projects are another way scammers trick people into parting with their money, known as rug pull scams. Scammers create what appears to be a legitimate NFT to lure people into buying it but eventually turns out not to be resellable, effectively destroying any future value.

The NFT owner then realises they paid an extreme amount of money for an asset that won't appreciate as they believed it would.

Use blockchain explorers and rug pull detection tools to identify these kinds of NFT scams. 

Counterfeit or plagiarised NFTs

NFT buyers must note that minting digital files does not make it a new piece of intellectual property or provide the minter with ownership, two characteristics of NFTs.

Scammers use minting to lure people into believing they are buying a unique NFT. Scammers plagiarise other NFT owners' work and then create an account on a trading platform and auction it off to the highest bidder. Sadly, the asset that is purchased loses its value once the buyer realises it's a counterfeit NFT. 

Confirm the seller's credibility by checking the blue verification tick next to the seller's Discord or social media profile. 

Bidding scams 

NFT bidding scams occur once an NFT is being resold. Once interested buyers place their highest bid, they usually switch to a lesser-value cryptocurrency. For example, instead of receiving 10 ETH, they could receive 10 MATIC instead.
Bidding scams happen primarily with NFT holders looking to resell their NFT, thus mainly in the secondary market.

Always cross-check the currency used during any transaction and never accept bids lower than you initially intended. 

Investor scams 

Investor scams occur whenever money is transacted - and the situation can be worse when dealing with cryptocurrency.

Scammers create projects that seem a worthy investment, then entirely disappear with the funds they collected from investors when they paid (even if only partially paid, like a deposit). Recently, an NFT developer, "Evil Ape," collected almost $2.7 million in investments — never to be heard of again. 



Find contact information for the NFT creator you want to purchase so you can verify them before transferring money.  

Pump and dump scams 

Like securities fraud, experienced NFT scammers use "pump and dump" scams to drive up an NFTs price. Scams are done by making several bids within a short period to make it appear that this particular NFT is popular, playing on people's FOMO (Fear Of Missing Out). Once it gains traction and the selling price reaches a higher number than initially valued at, the scammer cashes out and sells to the highest bidder. 
Pump and dump scams are sadly rising in the NFT and crypto worlds. 

Pump and dump scams are hard to detect. We suggest reviewing the transaction history of the desired NFT. Several transactions centred around one date could indicate a pump and dump scam.

How to avoid NFT scams  

1. Never click on suspicious attachments or links 

Never, ever click on links or attachments related to your NFTs if you do not know or are unsure who it is from. Cybercriminals frequently use phishing emails to get the public to compromise their MetaMask wallet credentials.

2. Create strong passwords 

Creating unique, strong passwords for your cryptocurrency wallet and other NFT accounts would be ideal. It would be best if you always considered 'leetifying' your passwords. 

To leetify, a text replaces standard alphabetical letters with unique numbers or symbols. Leetified passwords are more challenging to guess or crack. Leetifying can help protect you from NFT scams that will attempt to steal digital assets from weak passwords.

3. Enable two-factor authentication 

Activating two-factor authentication (2FA) on all of your NFT accounts will ensure scammers can't get their digital hands on your collectables. Apps like Google Authetitcaor or using biometric data on your smartphone like fingerprint scanning and facial recognition helps make it impossible to replicate your identity.

4. Never share your recovery or seed phrase 

The same as your regular passwords, people should never share their seed or recovery phrases with anyone. Doing so will compromise the NFTs, cryptocurrencies and any other kind of crypto assets stored in your wallet.

5. Always crosscheck the NFTs price 

Before purchasing an NFT, check the price on an official trading platform like OpenSea or Mintable. If the price appears much lower than what's listed on a legitimate trading site, then immediately question its true value.

6. Verify NFT seller accounts 

When purchasing an NFT, always verify the NFT seller's account to determine if they are real. Flip through their Discord and social media profiles and check the blue checkmark that verifies their identity. 

7. Use a cold storage wallet

A cold wallet, otherwise known as a hardware wallet or cold storage, is a physical device that keeps your cryptocurrency completely offline. Many look like your standard USB drives. Taking your holdings offline helps protect you from hacking and online attacks, but you can also risk losing your holdings if you lose the device or it becomes damaged.

Now that you know the trending NFT scams on the internet, be sure to save this guide when you begin to trade, buy or sell an NFT and beware of the potential signs of NFT fraud. In a world of emerging online cybersecurity threats, there's no better feeling than learning how to help protect yourself and avoiding being a victim of NFT fraud.
Remember, if it sounds too good to be true, it is.

These might be of interest: