Status of NFT Scams to Watch Out For in 2022 

Nft Scams 2022

Table of Contents

Read Time: 7 minutes

The digital trading era is molding itself into numerous forms, right from the dawn of cryptocurrencies to taking shape as NFTs. While the NFTs caught worldwide acceptance in 2021, with many people pouring their investments, this has also attracted the finding of new ways to steal money. 

It has been recorded that since September 2021, there have been 90, 000 fraudulent NFT transactions. The amount lost to crypto scams alone is nearly $14 billion.

NFT Scams And Stumbling Figures

The sales figure at the start of the year 2022 stirred up the heat in the NFT sector, rising beyond $4 billion. 

However, these numbers started dwindling so low that they reached $1.21 billion in April 2022. Security threats and lack of regulation attribute to the grave cause of the prevailing situation. 

Events like rug pull, phishing links, pump and dumb, and others are the ways adopted by digital scammers to launder NFT assets. For better understanding, let’s have a rundown on variants of NFT scams in today’s times. 

This blog brings to light the different scenarios of NFT thefts happening in the crypto space and the real-time instances of NFT scams. 

Top Prevalent NFT Scams

Rug Pull

Rug pulls are most commonly observed in the overall crypto space. The owner or company creates hype around the NFTs, which routes to soaring prices. It is by which investors are convinced of the worth of NFTs and tend to buy those. Soon after that, the promoters stop backing up the assets, leaving the investors to bear the losses.

Records Of Rug Pull Events

“Evolved Apes,” a unique collection of 10, 000 apes designed to be deployed in battle, and on winning, the players were told they would be rewarded with Ether. Soon it was spotted that the developer absconded with 798 Ether or $3 million funds of the investors who bought the apes. 

Evoleved Ape

“Frosties” project comprising 8, 888 NFTs, each priced at approximately $130, was launched and got the eyes of the investors. But the project developers ran off after the sale of NFTs amounting to $1.1 million while dumping the investors without fulfilling the promise of making upgrades to Frosties in the future.

How To Avoid Rug Pull NFT Scam?

  1. Do thorough research diligently before investing in a project. 
  2. Check if the marketplace is trustable and has good scope to buy and sell NFTs. 
  3. Browse through the transaction history of the NFTs.
  4. Know the background of the developer of the project to confirm whether it comes from a genuine source. 
  5. Have a track of any complaints that have ever been raised against the project.

Make sure you have undergone all these steps before investing in an NFT. 

Pump and Dump

Pump and Dump are the next most obvious scam in washing out the funds of the investor. The project developers make a bulk purchase of NFTs and create a fake demand. This portrays the NFTs as well-performing ones in the market, fooling the investors into buying them. Once the prices are peaking, the scammers sell all those NFTs, which leads to a sudden downfall in prices and a loss for investors.

Record Of Pump And Dump Scam

“Squid,” a digital cryptocurrency launched by taking inspiration from Netflix’s Squid game series, was sold at sky-hitting prices of about $2, 860 per token. Until moments later, the creators have cashed out, stealing away $3 million. It was then found to be a pump and dump scam that has shaken the NFT investors. 

Squid Game To USD Chart

How To Avoid Pump And Dump NFT Scam?

  1. Glance through the buyers’ list before buying NFTs. More buyers for the asset means more liquidity 
  2. Educate yourself about the cryptos by checking out the social media profiles. Enroll in their Discord server and engage with the community members. Active participation of the members in the Discord channel assures the project is live and functioning.
  3. Start with small investments and then analyze the risk factors before cashing in hefty amounts
  4. Do ground research to find the potential of the tokens rather than blindly trusting the word of influencers.

Phishing Pop-Ups 

Phishing links are living on every social media channel, including Telegram, Discord, Twitter, etc. These links appear more like the company’s URL, and on clicking, it redirects to the page asking to fill in sensitive information. 

Suppose the user clicks on the link to purchase NFTs without releasing it is a scam; it asks for wallet details to proceed to buy. Once the user enters the wallet’s seed phrase (i.e., password), the funds are pulled out. Many such instances of phishing link scams are on the rise now.

Record Of Phishing Link Scam

  • OpenSea, one of the most valuable contributors to the NFT boom, has come under the spotlight concerning NFT hacks. 254 tokens worth over $1.7 million have fallen prey to the Phishing attacks on OpenSea.
  • BAYC, a famous bored ape collection, has been assaulted by a Phishing link. A phishing link was posted on its official BAYC Instagram page, resulting in a $1 million fund theft. 

How To Avoid Phishing Links NFT Scam?

  1. Head to the official page for making any NFT purchase rather than clicking on the links or pop-ups
  2. If at all you’re buying through the links, check the URL matches the company’s website
  3. Avoid entering wallet passwords anywhere. It is only required when you want to backup or recover your wallet. 

Fake Profiles And Personas

Social media pages of official projects are duplicated with a similar resemblance to the original ones. Launch and giveaways are hosted on the pages tricking the users into purchasing exciting collections. 

Also, virtual marketing has made it really hard to identify influencers in the space. Here again, it gives way for many fake personas to promote NFTs in an appealing way.

How To Avoid Fake Profile NFT Scams?

  1. Do Google search about the personalities to ensure the correctness of the information provided by the influencers
  2. Make it a point that no celebrities DM first. If you receive such messages, it’s a warning to stay cautious of NFT threats

Counterfeit NFT

Anyone can mint the artworks as NFTs in marketplaces that don’t necessarily ask for the Intellectual Property(IP) rights for the assets. Using this, scammers can create fake accounts, copy and mint the NFTs of any creator’s work.

But once it has been spotted as the plagiarized content, actions will be taken against counterfeited NFT. But the buyer’s investment in those NFTs is irreversible.

Record Of Counterfeit NFTs

OpenSea, a well-known NFT marketplace, imposed stringent rules on identifying that 80% of the minted creations on the platform are plagiarized works. 

How To Avoid Counterfeit NFT Scam?

Do a generic search of the creator profile. Verify the seller’s account has a blue tick mark. Visit their Twitter or Instagram account and reach out to the artist directly through social media before making the NFT purchase.

Bidding Scams

Its been a practice of switching the bid amount to other alternatives. For example, if you’ve set the bid price of the collection as 10ETH, which equals $20, 000 – $25, 000, the scammer may make the bidding for $10.

How To Avoid Bidding Scam?

Always double-check the standard of the cryptocurrency used in bidding because it is impossible to reverse the transactions once done.

Technical Support Scam

Hackers create customer support pages on Telegram and Discord channels and ask for users’ personal details to sort out the issue. On gaining control of the user details, the scammers plunder the funds from the wallets.

How To Avoid Customer Support NFT Scam?

  1. Never disclose personal details to any third parties
  2. Always get to the query section from the official page of the project or its official NFT Discord server. 

Closing Thoughts

Entering into the NFT world has become so easy for anyone – Hire a creator, mint digital art NFTs and make handsome profits. However, educated decisions on investing in NFT help to avoid the trap of falling prey to scams. 

QuillAudits offers NFT Due Diligence services to safeguard and shield projects and investments in the NFT pool.


Are NFT Scams?

NFTs are digitalized version of artforms that is underpinned by a unique value and a perfect monetary option. Knowing that hackers are scamming the NFT space to loot assets illicitly, broadly referred to as “NFT scams.”

How do NFT Scams Work?

NFT scams are performed by various means to steal assets that result in fund loss for users. Phishing links, Plagiarized NFTs, are popular NFT scams. Read the blog to know in detail about them.

Does NFT make real money?

NFTs are traded through cryptocurrencies and are used as the medium of transaction. However, cryptocurrencies can be traded on decentralized exchanges to convert them into fiat currencies.

How do I know if my NFT is legit?

You can rely on a blockchain explorer like, CoinMarketCap, etc., to view the metadata of assets. It provides details on whether the asset exists on the blockchain, wallet address of the sender, etc., through which you can ensure the authenticity of NFT.


Related Articles

View All

Leave a Comment

Your email address will not be published. Required fields are marked *


Due to the fact that Web3 technology is still in its infancy, new types of attacks are possible. Some attacks, like ice phishing, are specific to Web3, while others resemble credential phishing attacks.




The $BEVO NFT Art Token (BEVO) on BSC was exploited, resulting in a $45,000 loss.

The root cause of the exploit is that BEVO is a deflationary token. By invoking function deliver(), the value _rTotal will decrease.

QuillAudits 🤝 Gamestarter

@Gamestarter is a complete Web3 ecosystem including an IDO launchpad, game development studio, accelerator, incubator, and soon NFT marketplace, gaming guild and metaverse.

QuillAudits extends its partnership with Gamestarter.


Thoreum Finance on the BNB chain was exploited on January 18, 2023. The exploit resulted in the protocol losing approximately 2261 BNB (~$680K).

✔ Check out our latest article to learn more about how it happens.👇


#web3 #Security #Audit


phyProxy on BSC was attacked, resulting in a loss of 1.2K BUSD.

The root cause is a forced investment due to the delegate calls unverified input in the public delegateCallSwap function.

Load More

Amidst FTX Saga, Hacker Swept More Than $25 Million in 2nd week of November

The contract reinvested (the earn function was not called) before the user pledged (depositAll function) without settling the reward, which means that when the user pledged, the contract did not settle the previous reward and instead conducted a new investment.

Become a Quiffiliate!
Join our mission to safeguard web3

Sounds Interesting, Right? All you have to do is:


Refer QuillAudits to Web3 projects for audits.


Earn rewards as we conclude the audits.


Thereby help us Secure web3 ecosystem.

Total Rewards Shared Out: $190K+