How to Avoid Crypto and NFT Scams

Entering the crypto market opens doors to various opportunities, whether you’re planning to use them for trading, long-term investing, remittances, or daily transactions. However, it’s good to know that the crypto market is not immune to scams, which in the digital space can be more sophisticated and harder to detect, especially with advanced technologies involved.

There’s nothing to worry about though. This article will identify some of the common crypto and NFT scams, and give you invaluable insights on how to avoid them and protect you and your funds against potential threats.

14 Common Crypto and NFT Scams + How to Avoid Them

1.  Impersonation Scams

An impersonation scam happens when a scammer poses as a trusted individual or company to extract sensitive information or convince you to transfer funds. For instance, these scammers may pretend to be a customer support representative or an executive from Ka.app, contacting you via email, phone, or social media direct messages.

They may claim there's an urgent issue with your account or present a tempting investment opportunity. To further convince you, they may ask for PINs, one-time passwords (OTPs), or other sensitive account details. Sometimes, they even request you transfer cryptocurrencies for verification purposes or promise to increase your holdings.

How to Avoid Them

• Ignore anyone unfamiliar who reaches out to you for your login details.
• If someone’s asking you to send them funds and you trust the name they’re using (e.g., your best friend or your family member), verify if it’s the real person by calling them and making sure that they’re using their correct account information.

Note: The Ka.app team prioritizes your safety and security. We will never ask for your login details, ask for fund transfers, or even send you malicious links. Please use strong passwords, enable two-factor authentication (2FA), and never share your login information with anyone else. Doing so can compromise your privacy and security, lead to unauthorized access to your crypto wallet, or the complete loss of your funds.

For questions or concerns, please reach out to our customer support team through the app.

2.  Withdrawal and Money Transfer Scams

In crypto, money transfer scams usually start with the scammer approaching a potential victim to seek help in executing a transaction. For instance, the scammer may claim they are unable to withdraw funds from their wallet and promise a monetary reward, or offer to give you free assets, in return for your assistance.

However, once you access the scammer’s wallet, you may find yourself needing to pay additional gas fees from your own wallet to facilitate the transaction. Unfortunately, this is a trap. A malicious code within the scammer's wallet can redirect the gas fees straight into another account controlled by the scammer, and even lock you out of your own assets.

In a similar vein, they can ask you to purchase crypto on their behalf under various pretexts, such as regulatory hurdles or technical difficulties in the scammer's country. The scammer may promise to pay back the amount in a different currency, adding an extra incentive for your effort. However, once you send the funds, the promised reimbursement will never materialize, leaving you hanging without your funds.

How to Avoid Them

• Never agree to help someone manage crypto transactions if you do not know them personally or if you don’t trust them.
• Never share your wallet login details, seed phrases, OTPs, etc. with anyone else.

3.  Unsolicited Airdrops and Giveaway Scams

Airdrops and crypto giveaways are appealing to users because many of them offer genuinely harmless ways to receive free digital assets. However, you have to be careful when participating in them because some scammers use them as traps to steal assets or personal information.

Unsolicited airdrops can originate from unsafe smart contracts or include malicious code that can jeopardize your security. Meanwhile, some giveaways may require you to promote their crypto project or sign up through a suspicious link or website, designed to capture your wallet details and ultimately give scammers access to your funds.

How to Avoid Them

• Verify the legitimacy of the airdrop or giveaway before participating. Do not interact with or accept offers from unknown or unverified sources.
• If you notice unsolicited NFT or token transfers to your wallet, ignore them. If you've inadvertently accepted such transfers, consider transferring your assets to a different wallet to secure your holdings.
• Generally, be cautious of any giveaway promotions. If an offer seems too good to be true, it likely is. Trust your intuition.

4. Platform Clones

Scammers sometimes create an exact duplicate of a well-known, legitimate platform or website, also known as a platform clone, to trick you into entering sensitive information. The cloned site may prompt you to log in, make purchases, or fill out forms, then harvest your personal data in the process, such as your username, password, or credit card details, among many others.

How to Avoid Them

• Always verify the authenticity of a website before entering any personal information.
• Double check the URL and watch out for typos to ensure that you’re using the real platform’s URL. For instance, our official website is ka.app. Any other platform using our company or token name is suspicious.

5. Zero Transfer Scams

The Zero Transfer Scam is an on-chain attack where scammers send zero tokens to random wallet addresses. They aim to embed a fake wallet address among the legitimate ones in your transaction history, hoping that you will mistake the fake address for a genuine one and accidentally send funds or sensitive information to it.

These scams are particularly common on Ethereum Virtual Machine (EVM) compatible blockchain networks, like Binance Smart Chain and Polygon.

How to Avoid Them

• Be vigilant about the transactions you approve.
• Always double-check the wallet address you’re sending your funds to.
• Instead of copying addresses from your transaction history, ask the recipient directly for their wallet address. This ensures that you’re sending funds to the correct and intended address, and prevent any accidental transfers to fake ones.

6.  Quick-Rich Scams

Promises of high returns can be enticing, playing on our natural desire for financial security and stability. However, as the saying goes, “if something sounds too good to be true, it probably is.”

Quick-rich schemes take advantage of the anonymity and irreversible nature of crypto transactions, and use fake endorsements and flashy marketing to lure users into fraudulent investments. They often invest in professional-looking websites or apps, and manipulate their online image to appear credible.

How to Avoid Them

• Be wary of individuals or organizations promising unrealistic, large or quick profits (especially those with guaranteed returns).
• Conduct thorough research before making an investment. Consult multiple trusted sources, as some reviews and search engine results can be manipulated.
• Avoid investing into something due to fear of missing out (FOMO). Take your time to make informed decisions.

7.  Crypto Recovery Scams

Crypto recovery scams target victims of previous crypto frauds, usually offering false hope of asset recovery for a fee. These scammers may pretend as law enforcement agents, lawyers, or representatives of crypto recovery platforms. They use technical jargon and apply pressure tactics to appear legitimate.

The initial red flag is them asking for an upfront recovery fee, which can be in crypto. Once they receive the payment, they disappear without following through with the promised recovery services.

How to Avoid Them

• Keep in mind that due to the irreversible nature of blockchain transactions, recovering lost funds is nearly impossible. Therefore, you must be skeptical of unsolicited recovery offers.
• Always verify the identity of the person or organization offering any sort of assistance.
• Scammers often demand payment upfront. Never send money or share personal information with someone you do not know or trust.
• If you believe you have been targeted by a recovery scam, report it to your local law enforcement.

8.  Romance or Catfishing Scams

In romance scams, also referred to as catfishing, scammers create fake identities to build trust with their victims and form a seemingly romantic relationship. They can use social media, dating sites, and similar platforms to employ various psychological tactics and manipulate their victims’ emotions.

Once trust is established, they’ll start asking for money under various pretenses, such as medical emergencies, debts, family issues, education, and others, with promises of repayment. Usually, they will ask you to send the funds to untraceable destinations like a crypto wallet.

How to Avoid Them

• Watch out for red flags, regardless of how caring or genuine someone appears. Some red flags include their dating profile getting reported or removed, the relationship progressing quickly, limited profile photos or vague images, and relying heavily on chats for communication. Scammers often avoid video calls to prevent being exposed.
• Conduct additional research to verify the person’s identity. Use social media and reverse image searches or suggest a video call.
• Never send money to someone you don’t know personally, especially if the funds are being sent to an untraceable destination.
• Be wary if the person tries to isolate you from your friends and family, or asks for compromising photos or private information that they can use for blackmail.

9.  Rug Pulls

A rug pull happens when scammers create a new cryptocurrency or NFT project, and hypes it up as "the next big thing in crypto." These can come with professional-looking websites, detailed whitepapers, and an active community of supporters. Because of FOMO, some users pour substantial amounts of money into such projects, causing the token's or NFT's price to surge.

Unfortunately, once the scammers have collected the funds they want from investors, they usually sell off their tokens and abandon the project, leaving the remaining investors with major losses or worse, nothing.

The common types of rug pulls include:

• Liquidity Stealing (Hard Pulls)

Scammers withdraw all the coins from the liquidity pool, causing the token price to plummet to zero.

• Limiting Sell Orders

Developers code the token to restrict your ability to sell, while allowing themselves to trade. As soon as they’ve gathered enough funds, they would sell their assets, crashing the token's value.

• Dumping (Soft Pulls)

This is when founders sell off a significant amount of tokens after the price spikes, severely devaluing the token.

How to Avoid Them

• Thoroughly read the project's whitepaper to ensure its authenticity. Beware of plagiarized documents, too.
• Look for any affiliations with reputable entities.
• Be cautious of anonymous teams or projects that promise high returns in a short time.
• Ensure that the token has been audited for malicious code, and was verified by a reputable third party.

10. Phishing Scams

A phishing scam is when a scammer sends messages that seem to come from trusted sources to steal your login credentials or other sensitive information. They may reach out to you through email, social media, messaging apps, SMS, and sometimes phone calls.

Their goal is to craft a message that looks legitimate enough to trick you into clicking on links that lead to fake websites where you can enter personal information. They often use these information to log into wallets and steal funds.

Some common phishing tactics include:

• Attractive promotions or unrealistic offers
• Alerts about account security or password resets
• Messages from platform representatives or customer support offering help with an issue
• Wallet activation messages requesting private keys or seed phrases
• Messages prompting you to make a payment or provide financial information

How to Avoid Them

• Check the sender's address, hover over links to inspect the URL, or reach out to customer support through official channels.
• Only open links received via email, SMS, or direct messages after verifying the legitimacy of the contact.
• Before entering any login credentials or sensitive information, make sure that you are on the platform’s official website by manually typing the URL into your browser instead of clicking on a link.

Reminder: The Ka.app team will never contact you via direct messages on social media or community forums to ask for your password, 2FA code, or other personal information.

11.  Cryptojacking

Cryptojacking happens when a hacker secretly uses your devices to mine cryptocurrencies without your knowledge or consent. Instead of purchasing expensive hardware, hackers would infiltrate your device through malicious code and harness your computing power for their mining activities. The rewards from this would go directly to the hacker’s wallet.

When your device is infected with cryptojacking malware, it will run complex computations in the background. This can lead to slower device performance, decreased battery life, overheating, higher electricity bills, and other performance issues.

How to Avoid Them

• Only install software from reliable and official sources, and keep your devices updated.
• Educate yourself about phishing tactics to protect your devices against cryptojacking malware.
• Use anti-crypto mining tools and ad blockers to prevent unauthorized use of your computing power. You can also disable JavaScript to block potential threats.

12.  Pig Butchering Scams

Pig butchering scams are a blend of get-rich-quick schemes and catfishing. Scammers often target victims on crypto forums, social media, or dating platforms. They build a relationship over time, and lure the victim to invest in a crypto project they secretly control.

The scammer will share a fabricated story of their financial success with the project to gain the victim's trust. These relationships can span a long period, during which the victim is convinced to make multiple investments. Once they’ve got enough funds, the scammer and the fake project will vanish, leaving the victim with significant losses.

How to Avoid Them

• Be wary of investment advice from new acquaintances and always verify the legitimacy of an investment platform. Take a cautious approach and avoid rushing into making financial decisions.
• Test the sincerity of the person advising you. Express disinterest in crypto investments; a scammer will likely lose interest and stop contacting you.

13.  Bidding Scams in NFT Auctions

If you’re thinking of selling non-fungible tokens (NFTs) through online auctions, you should learn about NFT fraud detection and be aware of the potential risk of bidding scams. In these schemes, a scammer pretending to be an interested buyer will secretly switch the bidding cryptocurrency to a much less valuable asset.

Then, they will place the highest bid in that currency, tricking you into closing the deal on their terms. As a result, the victim will sell the NFT at a significantly lower price than expected.

How to Avoid Them

• Always verify the cryptocurrency that potential buyers are offering and compare it to other bids to ensure its value is accurate and fair.

14.  Plagiarized/Counterfeit and Centralized File Storage NFTs

While NFTs are built upon the idea of tokenizing unique items, the minting tools used for NFT creation allow scammers to steal original artwork and sell it to oblivious buyers. Such tokens hold zero value as they are merely replicas of copyrighted media items.

Be cautious of NFTs connected to files on centralized servers. As the value of an NFT lies in the media item linked to it, the file must be stored on a decentralized service so that it cannot be deleted or modified by the creator.

How to Avoid Them

• Before purchasing an NFT, verify the seller’s credibility, confirm that the token is original, and ensure that the NFT’s contract address matches other items in the collection. Pay close attention to the transfer history, the total number of NFTs in the collection, and their unique holders.
• Make sure that the digital file linked to the NFT is stored on a decentralized service, (i.e., exists on the blockchain and cannot be removed or modified.)

The Bottom Line

The crypto and NFT spaces offer exciting opportunities for financial growth and innovation. However, they also come with risks in the form of scams that can compromise your funds and personal information.

Remember, to avoid the 14 common crypto and NFT scams outline above, you must be vigilant, ensure the credibility/authenticity of the platforms or people you transact with, and stay abreast of the latest security practices and scam tactics. Engage with the crypto community and share knowledge, as collective awareness can help mitigate risks for everyone involved.

Again, the Ka.app team will never reach out to you for login details, crypto payments or transfers, or malicious links. If you receive a suspicious message from someone pretending to be from Ka.app, please report it to us through the app’s chat support.

FAQs

How does Ka.app protect its users against scams?

Ka.app employs a variety of measures to protect users against scams. Our platform continuously monitors suspicious activities and uses advanced algorithms to detect and block potential threats. We also provide educational resources to help users recognize and avoid common scams. Additionally, our customer support team is always available to assist with any concerns and provide guidance on maintaining secure practices.

What are the security features of Ka.app?

Ka.app is equipped with robust security features to ensure the safety of your funds and personal information. These include 2FA, regular software updates, thorough KYC checks, and more.

Can someone hack your wallet with an NFT?

While NFTs themselves are not typically used to hack wallets, it is possible for scammers to create malicious NFTs that can compromise your security if interacted with improperly. For example, clicking on a malicious link associated with an NFT or executing a transaction with a fraudulent smart contract can expose your wallet to risks. Always verify the source of an NFT and be cautious about interacting with unfamiliar or suspicious content.

How many NFTs are fake?

The exact number of fake NFTs is difficult to determine, but the growing popularity of NFTs has unfortunately led to an increase in fake items. Many platforms are working diligently to combat this issue by implementing verification processes and encouraging users to report suspicious activities.

To protect yourself, always buy NFTs from reputable sources, verify the authenticity of the seller, and look for tokens that have been verified by the platform.