As non-fungible tokens (NFTs) attract more users, they are also attracting the attention of scammers. Malicious parties within the Web 3.0 space have set their sights on digital collectibles, losing millions to scams and various types of attacks.
However, according to professionals working in the Web 3.0 space, there are multiple ways and tools to avoid falling victim to NFT theft. In addition, users can also take various measures after losing their digital collectibles due to hacks.
Ronghui Gu, co-founder and CEO of blockchain security firm CertiK, told Cointelegraph that the first and most important step is always due diligence. “Avoid clicking on suspicious links and be very careful when signing token approvals,” Gu said.
Going a step further, the executive shared other good practices such as periodically checking and revoking unnecessary permissions and distributing NFTs in different wallets depending on their purpose. He also explained that:
“Long-term holdings should be held in a secure wallet that interacts minimally, if at all, with other applications. Hardware wallets have a bit of a steep learning curve, but the time investment is well worth it.”
Asked what can be done when assets are lost, Gu replied that it’s a shame, but “there’s not much” users can do to get them back. However, NFT marketplaces can blacklist them so they can’t be traded again. “Raising awareness of common scams is an ongoing effort. Educating users about the safest ways to transact and how they can minimize their risk is the first step,” she added.
While physical wallets can be a great solution, Michael Pierce, CEO of security company NotCommon, says risks remain. He explained that:
“People should buy hardware directly from the manufacturer to minimize any chance that the wallet has been tampered with before the person receives it.”
In the meantime, if the scam or attack has already occurred, Pierce recommended victims report it to databases like NotCommon “to help keep others safe and identify the scammer.” If the potential losses are significant, the executive urged victims to take legal action if possible.
Mohamed Issa, a senior strategist at data firm Chainalysis, also shared some thoughts on the subject. According to Issa, as NFTs become one of the fastest growing areas in the crypto space, it is becoming a “target for hackers.” He explained that
“NFT transactions are creating a new challenge for cryptocurrency research as decentralized protocols are more complex and very difficult to trace compared to traditional centralized services.”
Issa also spoke to Cointelegraph about the importance of being proactive when you are a victim of theft. While it’s very important to report scams and hacks to law enforcement, he believes NFT holders can protect their investment with tools like Storyline, analytics software created by his company.
Issa believes the tool can allow users to assist investigators after being hacked and help them focus on the transactions and funds that matter most.
BNB Chain’s director of growth operations, Alvin Kan, also shared that users can use tools like revoke.cash – a way to check wallet status and revoke approvals – and browser extensions that provide risk warnings before sign contracts.
Within the BNB Chain ecosystem, Kan told Cointelegraph that there are community efforts to provide more NFT-specific security tools. The executive discussed an NFT tool that detects the authenticity of each token called GoPlus and other on-chain initiatives like DappBay’s Red Alarm and AvengerDAO, which Kan believes help users stay one step ahead of scammers. . He explained it this way:
“These tools, with input from ecosystem projects, assess project risk levels in real time and alert users of potentially risky DApps so that users do not interact with malicious DApps and contracts.”
After becoming a victim of a hack or scam, Kan stressed that it is important to go to NFT markets. When all else fails, the executive said that burning the token may be a last resort. Contacting the NFT project and asking them to burn the affected or stolen token may be the final solution.
Clarification: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information presented here should not be taken as financial advice or investment recommendation. All investment and commercial movement involve risks and it is the responsibility of each person to do their due research before making an investment decision.
Investments in crypto assets are not regulated. They may not be suitable for retail investors and the entire amount invested may be lost. The services or products offered are not directed or accessible to investors in Spain.
