How Hundreds Of NFTs Have Been Stolen From NFT Marketplace OpenSea

Experts Comments

February 22, 2022
Magni Sigurðsson
Senior Manager of Detection Technologies
Cyren

Over the last few months, as the popularity of non-fungible tokens has grown exponentially, we have seen an increase in phishing attacks like this one specifically targeting brands handling crypto exchange and NFTs. However, the reason that these NFT phishing attacks remain a cause for concern, even more so than regular credit card or credential phishing, is because attackers get such a large “pay out” for such little effort.

It was not long ago that the only people buying crypto were

.....Read More

Over the last few months, as the popularity of non-fungible tokens has grown exponentially, we have seen an increase in phishing attacks like this one specifically targeting brands handling crypto exchange and NFTs. However, the reason that these NFT phishing attacks remain a cause for concern, even more so than regular credit card or credential phishing, is because attackers get such a large “pay out” for such little effort.

It was not long ago that the only people buying crypto were ‘techies’ who knew to keep their wallets locked in safes on flash drives. Today, however, almost anyone can buy crypto and NFTs in minutes. The result is that the average user is buying NFTs, heavily advertising their ownership of the valuable asset online, and making it all too easy for attackers to launch targeted phishing attacks against them. 

Luckily, you can protect yourself from NFT-specific phishing attacks in the same way you can other phishing campaigns. Such attacks usually start with a phishing email or SMS message. So, be sure to scrutinise the sender, the URL in the message, and any included attachment, to verify the legitimacy of the message. 

For organisations, it is crucial that they implement a robust, layered security strategy. This layered strategy should include real-time detection of zero-day and unique phishing threats. By adding a real-time detection and automated remediation capability to identify and eliminate phishing threats rapidly, the impact of when a phishing email makes it through our defences can be reduced.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.