Spate of “Free NFTs” Scams Blights South Korea
South Koreans are under attack from non-fungible token (NFT) scammers who pose as bona fide project operators to drain crypto from their victims.
Yonhap reported that “phishing emails” that “steal cryptoassets” from their victims are “being distributed on a large scale,” per a warning from the security provider East Security.
The security firm stated that scammers were disguising their attacks as projects affiliated with Starbucks and the e-commerce platform Lotte Home Shopping.
The emails contain what appear to be pirated Starbucks and Lotte logos.
These emails advertise “free” NFTs and explain that tokens can be claimed by clicking on embedded links.
But clicking on these links instead takes victims to “phishing sites” operated by scammers, the firm warned.
South Korean ‘Scam NFTs’ – How Do They Work?
Once on this page, victims are reportedly taken through a range of steps that eventually leads them to hand over sensitive data.
This data can then be used by hackers to break into crypto wallets and drain coin funds.
The security company stated that the phishing sites had been “crafted with great care.”
Potential victims, the firm said, are presented with QR codes that install or run a crypto wallet plugin in their browsers.
Scammers then reportedly instruct potential victims to pay gas fees to receive their “free” NFTs by “connecting” their wallets.
But if victims follow this step, scammers can gain access to wallets.
And once they do this, they can drain any funds they find therein.
A spokesperson from East Security was quoted as warning:
“As the number of [legitimate] companies enter the NFT field increases, along with [general] crypto investment, the number of attacks that are intended to steal virtual assets will also increase. The public should check [offers] carefully before proceeding.”
Last month, Cryptonews.com reported that the likes of Amazon and Gucci may be preparing to enter the NFT space in earnest.