Large capital investments usually carry an increased risk of misuse, as do non-fungible tokens, which can be worth a lot of money. The more popular they became, the more ways hackers found to steal the virtual goods. But how is this even possible?
Finally, the blockchains on which NFT trading takes place represent the security of decentralization par excellence. How secure are NFTs really on a blockchain? These precautions should be taken if you want to protect your tokens from scammers and hackers as much as possible.
Hacker attacks in the past
Not long ago, the Instagram profile of the well-known NFT club Bored Ape Yacht Club (BAYC) was hacked and the perpetrators were able to loot NFTs worth millions. The hackers managed to gain access to the profile despite 2-factor authentication. They posted a link that promised members access to exclusive content. In order not to miss this opportunity, users willingly entered their personal information. Using the data, the hackers were able to access the NFT holders’ wallets and steal the digital goods.
Scammers exploit people’s trust and naivety
This example shows that people quickly disclose personal data without first checking if the offer is legitimate. The hackers managed to abuse the users’ trust in the club. It also shows that they exploited the hope and naivety of the people. Access to your own wallet can be lost pretty quickly. The perpetrators only need the seeding or a pin number with which the wallets are secured. The NFTs stored on it can be transferred to another wallet and the owners lose any right of recourse. From the outside, this process resembles a legal transfer of ownership.
Use of purses without storage function
First and foremost, it is important to use a secure wallet. Purses without storage function are ideal for this. Depot wallets with a depot function have the disadvantage that NFTs are stored on a stock exchange or marketplace. It is only possible to a limited extent to control your virtual goods and guarantee security. Wallets without a storage function, on the other hand, offer independent monitoring. You can secure them with a long seeding, as is the case with Ledger, a pin number or the connection to a physical device. That way, you are better protected against phishing attacks, which is a commonly used scam. If you are still using a depository wallet, it will make sense to switch to a wallet without a depository function. NFT theft is still possible even if you do not share your seeding or pin. However, this makes access difficult and hackers have a hard time.
Trading in established markets
If you want to buy or sell NFTs, you should choose a credible market that has a proven track record. If there are almost no negative headlines about the trade and if it has a large user community, it can be used for buying and selling. Established markets even take precautions, for example when verifying dealers. In this way, safe trading and the best trading experience can be guaranteed. In the well-known NFT market OpenSea, for example, the history of the trades can be seen. Users can check if the trader has already made some successful trades. If this is the case, you can be sure of the trading partner’s reliability. To prevent NFT theft, one should take advantage of this offer and take a look at the contract partner’s history before trading.
Verification of offers
When trading in NFTs, it is imperative to carefully study the offer before accepting it. You should get an overall picture of the trading partner, for example, by looking at their transaction history. In addition, reviews provide information on whether a user is trustworthy. If he has good reviews and has already completed many successful deals, you can get involved in his offer. However, being quickly pressured to accept an offer should be a deterrent. Since scammers often take advantage of people’s naivety, you should also avoid accepting offers that seem too good to be true. This also applies to offers from supposedly credible dealers. As in the case of BAYC, these could have been hacked. That is why it is important to check every single offer.
To avoid NFT theft as much as possible, one should take as many precautions as possible. This includes the use of a wallet without storage capacity as well as confirmation of sellers and offers. In addition, NFT trading should only take place in established markets. You need to be absolutely sure that you are dealing with a credible dealer before accepting an offer. And it is just as important to check the individual offer. Finally, the BAYC example makes it clear that reliable dealers can also be hacked, and therefore there can be false offers. Only by considering all these factors will it be difficult for scammers to steal NFTs.