NFT marketplace account takeover
The digital marketplace for NFTs grew to an estimated $22bn last year, but companies face new frauds challenges every day. Recently fraudsters are able to perform a successful fraud using the account takeover in the NFT marketplace.
There are different methods that fraudsters can use to hijack an account. For example, credentials stuffing, phishing, social engineering, and SIM swap for high-profile accounts are the key account takeover methods. Fraudsters use stolen usernames and passwords on login forms to steal the NFT non-fungible token or NFT arts by employing credential stuffing. The NFT marketplace login forms are constantly hit by bots and automated scripts which involves very less cost to initiate the attack for the fraudster.
NFT account takeover becomes a nightmare for the victim and also destroys the marketplace reputation, customer trust, strain on operations teams, customer loyalty and retention, financial impact, and the future of the marketplace becomes dark.
Some of the recent attacks on the NFT marketplaces are given below. You can find the list of stolen NFT arts in the example. Victims are rushing to review and revoke your token approvals for dApp using ETH token approval checker.
I can’t believe I made my first purchase with you guys today … then boom.. you guys get hacked and made me buy to nfts and didn’t choose…. I hope you guys fixed this asap or refund me my money. HORRIBLE EXPERIENCE
— Kenrocket (@kennrocket) February 20, 2022
Someone hacked my @niftygateway account tonight and used my credit card attached to the account to buy like $20k worth of art… cool
— Keyboard Monkey -KBM- (@KeyboardMonkey3) March 15, 2021
Someone stole my NFTs today on @niftygateway and purchased $10K++ worth of today's drop without my knowledge. NFTs were then transferred to another account.
I encourage EVERYONE to please check their accounts ASAP.
Could use everyone's help here – please RT!
Full <img src=\"https://s.w.org/images/core/emoji/14.0.0/72×72/1f9f5.png\" alt=\"
Source: /revoekat-tnuocca-na-yb-detcapmi-secalptekram-tfn/ten.7reyaleruces.golb
