NFT scams are designed to trick you into signing a malicious transaction or connecting your wallet to a fake site. They range from simple copycat collections to sophisticated phishing dApps that drain everything.
Types of NFT Scams
1. Fake Mint Links
Scammers post “free mint” links in Discord, Twitter, and Telegram. The link leads to a fake minting site that asks you to “verify your wallet” — by signing a transaction that gives them unlimited spending approval on your NFTs.
How to spot:
- URL is similar but slightly different from the real project
- “Free mint” with high expected value
- Countdown timer creating urgency
- The site asks you to “verify” by signing a transaction
2. Copycat Collections
Scammers create NFT collections that look identical to popular projects (Bored Ape, Pudgy Penguins, etc.) and list them on marketplaces with confusing names.
How to spot:
- Check the contract address on the project’s official website or Discord
- Use OpenSea’s “verified” checkmark (blue check)
- Low volume and floor price compared to the real collection
3. Fake Marketplace Listings
You find a rare NFT listed at a surprisingly low price. When you try to buy it, the listing is a scam — the NFT on sale is a copycat, not the real one.
How to spot:
- Check the token ID against the official collection
- Verify the contract address (not just the collection name)
- If the price is too good to be true, it’s a fake listing
4. “Floor Sweep” Drainers
A scammer buys a legitimate NFT, then transfers it to a contract that automatically resells it. When you buy the “floor” (cheapest) NFT from this contract, the contract drains your wallet.
How to spot:
- Check the seller’s history — new account with no history
- Verify the collection contract address on Etherscan
5. Social Media Account Takeovers
Scammers hack popular Twitter accounts and post fake mint links to the account’s followers.
How to spot:
- Check if the link matches the project’s official website
- Look for “Account compromised” posts from the real account
- Wait 24 hours before clicking any mint link from social media
The “Signature” Trap
The most dangerous NFT scam doesn’t ask for your seed phrase. It asks you to “sign” a message in your wallet. This signature grants the scammer permission to transfer your NFTs.
Real signatures look like:
- “Sign this message to prove you own this wallet” (SAFE — just a text message)
- “Approve USDC spending limit” (POTENTIALLY DANGEROUS)
Fake signatures look like:
- “Sign to verify your wallet for minting” (SCAM — grants transfer permissions)
- “Set approval for all” in the signature warning
How to Stay Safe
- Use a burner wallet — Create a separate wallet for NFT interactions with minimal funds
- Never visit mint links from DMs — Only use links from the project’s official Twitter/Discord
- Verify contract addresses — Always double-check on the project’s official channels
- Use Revoke.cash — Regularly revoke unnecessary token approvals
- Check the “Is this a scam?” list — On Etherscan, check if an address has been reported as a scam
- Wait before minting popular projects — Scammers target high-demand launches
What to Do If Your NFTs Are Stolen
- Immediately use Revoke.cash to revoke all approvals
- Report to OpenSea/Blur — They may be able to freeze the stolen NFTs
- Report to the blockchain explorer — Mark the scammer’s address
- File a police report — Some jurisdictions treat NFT theft as a crime
Verdict
NFT scams work by tricking your wallet into signing malicious transactions. The defense is simple: never sign a transaction you don’t fully understand, use a burner wallet for NFTs, and always verify contract addresses.
Related: What Is an NFT? Still Relevant? | How to Spot a Fake Wallet | Crypto Wallet Drainers