We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:


Current browse context:


Change to browse by:

References & Citations

DBLP - CS Bibliography


(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: Demystifying NFT Promotion and Phishing Scams

Abstract: The popularity and hype around purchasing digital assets such as art, video, and music in the form of Non-fungible tokens (NFTs) has rapidly made them a lucrative investment opportunity, with NFT-based sales surpassing $25B in 2021 alone. However, the volatility and scarcity of NFTs, combined with the general lack of familiarity with the technical aspects of this ecosystem, encourage the spread of several scams. The success of an NFT is majorly impacted by its online virality. There have been sparse reports about scammers emulating this virality by either promoting their fraudulent NFT projects on social media or imitating other popular NFT projects. This paper presents a longitudinal analysis of 439 unique Twitter accounts that consistently promote fraudulent NFT collections through giveaway competitions and 1,028 NFT phishing attacks. Our findings indicate that most accounts interacting with these promotions are bots, which can rapidly increase the popularity of the fraudulent NFT collections by inflating their likes, followers, and retweet counts. This leads to significant engagement from real users, who then proceed to invest in the scams. On the other hand, we identify two novel attack vectors which are utilized by NFT phishing scams to steal funds and digital assets from the victim's wallet. We also identify several gaps in the prevalent anti-phishing ecosystem by evaluating the performance of popular anti-phishing blocklists and security tools against NFT phishing attacks. We utilize our findings to develop a machine learning classifier that can automatically detect NFT phishing scams at scale.
Subjects: Cryptography and Security (cs.CR); Computers and Society (cs.CY)
Cite as: arXiv:2301.09806 [cs.CR]
  (or arXiv:2301.09806v1 [cs.CR] for this version)

Submission history

From: Sayak Saha Roy [view email]
[v1] Tue, 24 Jan 2023 04:13:44 GMT (2408kb,D)

Link back to: arXiv, form interface, contact.