Scammers are at it again. This time, a suspected bug insider NFT marketplace OpenSea was exploited through a suspicious address claiming to be an affiliate of Bored Ape Yacht Club.
Scammers are once again testing the security of the blockchain through a phishing attempt aimed at the Web3 community. Recently, a dubious address masking itself as an official Bored Ape Yacht Club (BAYC) affiliated address tried to scam blue-chip holders and Web3 influencers.
Using the BAYC developer contract, the suspicious address sent several fake NFT land packages by taking advantage of a suspected bug inside the NFT marketplace OpenSea. Supposedly, the code inside the NFT can initiate transfers regardless of who owns a wallet.
Fake BAYC Metaverse Unwittingly Dragged into Scam
It’s not surprising that scammers would try to use one of the most popular NFT projects, such as BAYC, to lure unwitting victims. People will not think twice about such transactions involving a particularly famous NFT project. However, as users of Web3 become more experienced, phishing attempts in the guise of surprise NFTs present more of a red flag.
A thorough inspection of the phishing address, as shown in the image below, reveals the scammers’ intentions.
Reviewing the recent transactions in the image above, it’s easy to see how the address in question pulled the fraudulent NFTs (the ones in the RED box) from the BAYC contract (the ones in the BLUE box) to mask themselves as legitimate source. Then, in an attempt to steal assets from holders’ wallets, the bogus NFTs are sent to different wallets (the ones in the GREEN box).
Nevertheless, examining the address that triggered the transactions (the one in the YELLOW box) will reveal that it doesn’t match the one in the blue box. It only means that the fake NFTs are not even closely related to the BAYC community.
The Battle with Defi Scams Continue
The battle with scammers trying to exploit decentralized finance will continue to rise, and the only thing that NFT marketplaces like OpenSea could try to do is try to fight bug exploits and the onslaught of scammers. As it is, OpenSea is seeing to it that its clients are protected by offering advanced customer support by using Web3 technology and partnering with communication platforms such as Metalink.
Such scams typically go after users with wallets containing significant assets. However, any user can fall victim to phishing attacks. Users’ security inside Web3 must be of utmost priority. Users can only do so much in battling scammers. Still, if they really want their Web3 browsing experience to be safe and secure, they must ensure they have multifactor authentications set in place and have hardware wallets.
“As we want to interact more fully with the NFT ecosystem. Our goal is to provide you with a direct line of communication with OpenSea so that you may get support, provide comments, receive updates, and provide any other information that would help us better serve you,” said OpenSea’s head of the community, Stevey Tromberg.
Get more news updates
Get more NFT news updates at CollectorX News. For more information on CollectorX, and details on how to join our community, please follow our Twitter, join our Discord, or subscribe to our Telegram channel for more updates.