Scammers Use Airdrops to Lure Users With Phony NFTs
Researchers at Check Point warn that scammers are using airdrops to distribute phony non-fungible tokens (NFTs) that direct users to malicious sites.
“This campaign is unique in its methodology, employing a source spoofing technique to target a broad spectrum of token holders,” the researchers write.
“It specifically focuses on more than 100 highly popular projects, aiming its attacks at token holders. For instance, if you are listed as an APE token holder, the attacker would send you an airdrop labeled as an Ape NFT airdrop. The rationale behind this is that the attacker lacks access to the email addresses of APE token holders and, consequently, cannot directly identify the token owners. To circumvent this, the attacker devised an alternative method of reaching out to specific token holders through NFT airdrops linked to a specially crafted website for each targeted token. This approach lends the transactions an appearance of legitimacy, seemingly originating from trusted sources.”
The airdrops are designed to trick users into visiting a phishing site and connecting their cryptocurrency wallets in order to receive the NFT.
“The website typically presents the victim with an opportunity to claim the NFT or access some exclusive benefit associated with it,” the researchers write. “In doing so, it prompts the user to connect their cryptocurrency wallet to the site. This step is common in legitimate NFT interactions, which adds to the illusion of authenticity. However, the critical difference here is that, once connected, the site will attempt to trick the user into signing a transaction that grants the scammer access to the user’s funds.”
Check Point concludes that users should always be wary when dealing with digital assets, especially when an offer seems too good to be true.
“This type of attack exploits the trust and excitement that can come with receiving an NFT, particularly from a seemingly reputable source,” the researchers write. “The combination of a fake AIRDROP with a phishing website represents a sophisticated and multi-faceted approach to scamming. It underscores the importance of being extremely cautious when receiving unexpected digital assets and highlights the need for heightened vigilance when interacting with any external links or websites associated with such assets.”
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Check Point has the story.
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here’s how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customize the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organization compares to others in your industry
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW