NFT trading entails large sums of money. It’s no wonder that the NFT space has attracted frequent NFT theft, with Bored Ape tokens getting millions of dollars and lesser-known projects still pulling in thousands. While blockchain technology makes ownership unbreakable, ingenious NFT thieves will still find a way to get their hands on your prized possessions.

We’ve outlined how thieves steal NFTs below to assist you in keeping your tokens safe. If you are the unlucky victim of theft, we’ve also included instructions on reporting a stolen NFT on Opensea and Rarible.

How does NFT Theft happen?

While cryptography makes it nearly hard to attack blockchains like Ethereum, hackers, and exploiters exploit holes elsewhere in the chain of custody. NFT theft is almost always the consequence of some human error. Hackers and scammers use phishing as one approach to get your NFTs. It usually entails sending you a bogus message about NFTs that prompts you to click on a specific URL.

This link may include Malware or a Virus that can compromise your computer. Usually, however, clicking on such links will send you to another page that will prompt you to input your NFT or Crypto Wallet’s Secret Recovery Phrase. Many people who do not know such things have fallen victim to such attacks and had their NFT and Crypto stolen.

Despite the difficulty of hacking the blockchain itself, hackers can steal NFTs using Phishing attacks. This is a dangerous and widespread occurrence on social media apps such as Discord, where hackers make identical profile replicas of various Blue Chip NFT Projects and message the user about a false Giveaway or Mint Releases. Many people who are duped are forced to enter their Secret Recovery Phrase. If the victim is tricked, they will lose all their NFT and Crypto assets.

Also, read – The NFT Gaming Blockchain was robbed of $600 million in Ether

As a result, never give or enter your Secret Recovery Phrase to any website, including Opensea, Rarible, or other NFT platforms. If you ever come across such websites or someone asking for your Secret Recovery Phrase, you may be sure that you’ve been the victim of a phishing assault.

Finally, be cautious of any links or spammy links you receive over email or Discord since these links may include Malware or Viruses that can harm your machine.

Seth Green Pays $260,000 Ransom for Stolen Bored Ape NFT: Report https://t.co/FRSlk6mK6A

— Emmy 🧪 Missdigital (@missdigital) June 13, 2022

Exploits of bugs

Hackers detect exploitable code in websites and smart contracts in a more advanced type of stealing. Bad actors can take advantage of these system logic flaws to run unintended code or gain permission to do things they wouldn’t usually be allowed to do. For instance, the Treasure marketplace recently saw a rash of thefts in which a hacker discovered an exploit and was able to mint hundreds of NFTs for free.

Fortunately, NFTs were soon refunded, and the matter was handled, just as it had been in the case of Treasure’s marketplace exploit. These types of vulnerabilities are difficult to avoid since they rely on the website’s underlying code and the smart contract’s integrity, both outside the average collector’s control. These problems and vulnerabilities are anticipated to become less widespread as the young NFT space matures.

Phishing Scams

In the NFT space, falling prey to a phishing scam is typical. Phishing is rampant right now, thanks to the large sums of money involved in NFTs and the rapid pace of trade. Scammers recently used OpenSea’s migration of old listings announcements to defraud users of their NFT ownership. Scammers made off with more than a million dollars worth of NFTs, including Bored Apes, Mutant Apes, and Azuki tokens, using phishing websites that looked and sounded genuine.

Hackers also use chat platforms like Discord, Twitter, and Youtube comments to phish for information. These fraudulent accounts pose well-known investment experts to obtain wallet information such as seed phrases and passwords. If you give these con artists enough information, they will empty your wallet of NFTs and coins.

Theft of artwork

Art theft is another scam that is becoming more common in the NFT sector. Fan art from popular games and shows and conceptual work from sites like DeviantArt are common examples. Artists are ignorant that their work is being used for this reason when creating these token collections. The Twitter account NFT theft , which focuses on artists delisting NFTs with their work, is an excellent source of information on rectifying this type of theft.

Here are some resources to help artists deal with the growing problem of plagiarized art on NFT marketplaces. A few of these are links that have been shared with us, but we have not had the chance test ourselves. Please add you experiences/suggestions to help others:

— NFT thefts (@NFTtheft) December 27, 2021

Is it safe to use my NFTs?

Although the NFT area is still in its infancy, the ecosystem’s security is relatively robust despite discovering various exploits. NFTs are entirely risk-free. Phishing scams are extremely rare, and they can be readily avoided. As people try to separate investors from their valuable NFTs, phishing will always be an issue, but these types of attacks will become easier to recognize as the space evolves.

There are several ways to avoid phishing attempts, including:

Don’t click any links; instead, hover over them and carefully inspect the URL before proceeding.

Never give out personal information because it could be used to access accounts and possibly cryptocurrency wallets.

Change your passwords frequently: hackers are resourceful and can figure out passwords through various methods. Changing them regularly can assist you in losing your marketplace account.

Never tell anyone or any website your recovery phrase: This is the most crucial one; your Secret Recovery Phrase is similar to your primary key to your NFT and Crypto Assets; never share it. It can only be used to retrieve a cryptocurrency wallet. You will lose all of your NFT and Crypto Assets if you lose.

How do I report a stolen NFT On OpenSea?

If your NFT has been stolen, delisted, or frozen on OpenSea, you should take the following steps:

• Send an email to antifraud@opensea.io.
• In your subject line, write “Stolen NFT.”
• Include the token ID, URL, and collection in the body text and a contact address.
• Include as much information about how the NFT was obtained unlawfully as possible.

How can you report a stolen NFT on Rarible?

It’s also simple to report a stolen or fraudulent NFT to Rarible:

• Visit Rarible.com for more information.
• Find the search button and enter the name of your NFTs collection and the token’s ID.
• Once you’ve located your stolen NFTs listing, click the “…” button next to the NFT’s title.
• Scroll down and select “report” from the drop-down menu.
• A popup will appear, allowing you to describe the issue in greater detail.
• After reporting the NFT, send an email to support@rarible.com with as much description of the incident.

While it’s unlikely that you’ll ever need to know how to report a stolen NFT on Opensea or Rarible, learning how to do so now gives you the best chance of rapidly addressing the matter if the worst happens.