Demystifying NFT Promotion and Phishing Scams

by   Sayak Saha Roy, et al.

The popularity and hype around purchasing digital assets such as art, video, and music in the form of Non-fungible tokens (NFTs) has rapidly made them a lucrative investment opportunity, with NFT-based sales surpassing 25B in 2021 alone. However, the volatility and scarcity of NFTs, combined with the general lack of familiarity with the technical aspects of this ecosystem, encourage the spread of several scams. The success of an NFT is majorly impacted by its online virality. There have been sparse reports about scammers emulating this virality by either promoting their fraudulent NFT projects on social media or imitating other popular NFT projects. This paper presents a longitudinal analysis of 439 unique Twitter accounts that consistently promote fraudulent NFT collections through giveaway competitions and 1,028 NFT phishing attacks. Our findings indicate that most accounts interacting with these promotions are bots, which can rapidly increase the popularity of the fraudulent NFT collections by inflating their likes, followers, and retweet counts. This leads to significant engagement from real users, who then proceed to invest in the scams. On the other hand, we identify two novel attack vectors which are utilized by NFT phishing scams to steal funds and digital assets from the victim's wallet. We also identify several gaps in the prevalent anti-phishing ecosystem by evaluating the performance of popular anti-phishing blocklists and security tools against NFT phishing attacks. We utilize our findings to develop a machine learning classifier that can automatically detect NFT phishing scams at scale.


A Large-Scale Analysis of Phishing Websites Hosted on Free Web Hosting Domains

While phishing attacks have evolved to utilize several obfuscation tacti...

Automatic Detection of Influential Actors in Disinformation Networks

The weaponization of digital communications and social media to conduct ...

Racism is a Virus: Anti-Asian Hate and Counterhate in Social Media during the COVID-19 Crisis

The spread of COVID-19 has sparked racism, hate, and xenophobia in socia...

Evaluating the effectiveness of Phishing Reports on Twitter

Phishing attacks are an increasingly potent web-based threat, with nearl...

Understanding and Characterizing Cryptocurrency Free Giveaway and Arbitrage Bot Scams In the Wild

This paper presents a large-scale analysis of two prevalent cryptocurren...

Identification and characterization of misinformation superspreaders on social media

The world's digital information ecosystem continues to struggle with the...

Recommending Investors for Crowdfunding Projects

To bring their innovative ideas to market, those embarking in new ventur...

Please sign up or login with your details

Forgot password? Click here to reset