Matt Williams Last updated: 
Fake Twitter profile
Another Bored Ape NFT owner was phished today by a fake Twitter account (bhawana.eth), the latest of many to fall victim to an NFT airdrop scam.
The Twitter account above is verified – it has the blue checkmark by the name – but scammers can simply buy a verified profile that is not longer in use, purchase followers to have a legitimate looking follower count, and fill out the bio with convincing pictures.
What is an NFT Airdrop Scam?
That’s what happened here – the hacker repurposed an old unused Twitter profile with a blue check, bought followers, then uploaded some Ape NFT pics.
Then they created a website, as anyone can do, especially with a less common domain extension like dot.art, dot.biz, or dot.io. Anyone can set up a website as long as it hasn’t been claimed yet – if it has, adding a hyphen can fix that too.
The instant transfer and ‘sale’ of the scammed holder’s BAYC and MAYC NFTs
On that website, unsuspecting victims are prompted to ‘connect their wallet’, and if they do, their NFTs and any crypto funds are instantly drained and stolen.
Several crypto traders on Twitter noticed the scam had taken place as NFT and crypto transactions on the Ethereum blockchain are logged on Etherscan.
The scammed investor lost a Bored Ape Yacht Club NFT worth 102 ETH ($ 316,000), a Mutant Ape Yacht Club NFT worth 23.4 ETH ($ 72,500) and other NFTs, totalling over half a million dollars in losses.
Trader @zachxbt posted the unfortunate news. An ‘on-chain sleuth’ and ‘2D detective’ he regularly tweets warnings about NFT airdrop scams, crypto airdrop scams, suspicious projects that might end up as ‘rugpulls’, and other types of crypto scams.
They keep making new sites + accounts pic.twitter.com/YoQiUsB4Aj
— zachxbt (@zachxbt) March 24, 2022
How to Avoid NFT Airdrop Scams
To avoid an NFT airdrop scam always double and triple check the site you are connecting your Metamask wallet or any other NFT wallet to – don’t connect your wallet to a site you are not 100% sure of. Ask around first, and remember:
- A verified account (Twitter blue check) is meaningless
- Follower counts are meaningless
What scammers can’t do, is change the @ handle of an unused verified account they’ve purchased or hacked and taken over. If you change Twitter handle, you lose your blue check verified status.
So one way to do your due diligence is to type the @ name into Twitter and view the history of interactions with that handle. You should be able to quickly see what they were talking about on Twitter over the years, and if it wasn’t non-fungible tokens or cryptocurrency related, chances are it was repurposed by a scammer.
You can also view a snapshot of the Twitter account in the Internet Wayback machine to see who it used to be. You can even use image recognition tools to find a BAYC on Opensea and check who owns it, then see if it matches the Twitter user using it for their profile pic.
A senior project manager at Metamask tweeted these helpful tips (read the whole thread).
This is a fake account. Scammers will buy inactive verified Twitter accounts, change all the content to look like they are a serious NFT account and then try to convince you to go a scam site which will steal your funds. Stay safe out there.
Remember, blue check = meaningless pic.twitter.com/LsdnIemJ4V
— m0nt0y4.eth (@MidwitMilhouse) March 24, 2022
Tools to Avoid Crypto Scams
There are tools you can use to revoke approvals for NFT transactions, @zachxbt posted two below.
In general, if it’s too good to be true, it usually is. Crypto airdrops do exist – BAYC NFT holders were airdropped ApeCoin – but for most people real crypto airdrops take place on crypto exchanges, not by connecting your wallet to a sketchy website.
For example eToro supported the Flare airdrop of Songbird tokens for its users, as did Huobi.
Don’t believe someone who DMs you or tags you on Twitter, Telegram, or in a Youtube comment section. Don’t send funds to someone who promises to send twice the amount back, or to trade for you.
4/ Always triple check the site you are connecting your wallet to so you don’t become the next victim.
When in doubt use these tools to revoke approvals:https://t.co/0snBk0GzmH https://t.co/1bWgGsCy3O
— zachxbt (@zachxbt) March 17, 2022
Scammers often impersonate Coinbase support, Metamask support, or claim to be able to help you recover funds lost in crypto scams or fake airdrops. If you reply, you will be scammed a second time.
They use bots to automatically reply to anyone who types something about Metamask or being scammed on Twitter – targetting thousands of people online at a time. Whoever replies is then sent a message and the scam starts.
If someone has a lowercase letter ‘l’ in their handle on social media, it’s especially easy for scammers to use an ASCII character code to resemble that letter. Verify someone is who they say they are with a video call before sending crypto.
Cryptoassets are a highly volatile unregulated investment product.
(25)
