The number of phishing scams with so-called airdrops for cryptocurrencies, and especially non-fungible tokens (NFT), is on the rise, cybersecurity firm Malwarebytes reported May 3.
Airdrop phishing: what is it, and how is my cryptocurrency at risk? https://t.co/kWG09l06fi
— Malwarebytes (@Malwarebytes) May 3, 2022
Crypto Scammers Operate Via “Airdrop Phishing”
Airdrops are a popular method for newer crypto projects to attract investors by giving away free tokens, or in some cases NFTs. However, that comes with a new form of scam called Malwarebytes “airdrop phishing” calls.
More and more web pages are popping up for this new method of scamming. This concerns websites that make users think that they can claim free tokens or NFTs via an airdrop. However, this is fake.
These kinds of websites trick users into thinking that they can link their wallets to claim free token(s). However, once the user does this, they get an error message. They are then asked to manually link their wallet by entering their password and/or recovery phrase to pass. Once this is done, however, they have given access to the fraudsters to drain the wallet.
“Airdrop phish pages try to ensnare as many cryptocurrency users as possible. No matter how obscure your digital currency of choice is, or how unusual your wallet is, a scam is waiting for you.”
Bored Ape Yacht Club NFTs especially popular among scammers
Bored Ape Yacht Club (BYAC) NFTs are especially popular for scammers to take advantage of, reports Malwarebytes. Recently, $3 million worth of Bored Ape NFTs was stolen from Instagram.
“Anything related to monkeys is a giant dollar sign in the sky for fraudsters, and the variety of fake pages out there reflects this.”
The launch of the recent Moonbirds NFTs has also been accompanied by a new batch of scammers.
Malwarebytes warns that no one should ever ask for your password, which is an immediate red flag. It is also usually a red flag when websites first ask for money or crypto in exchange for a free token.