• About
    • About Us
    • Our Expertise
    • Meet The Team
    • Careers
  • Managed Services
    • Overview
    • Monitoring & Detection
    • Protection
    • Response
    • Training
  • Cyber Assessments
  • Consultancy
    • Consulting Services
    • Cyber Executives
  • News & Resources
    • In the News
    • Blog
    • Resources
  • Contact
Can We Help?
  • About
    • About Us
    • Our Expertise
    • Meet The Team
    • Careers
  • Managed Services
    • Overview
    • Monitoring & Detection
    • Protection
    • Response
    • Training
  • Cyber Assessments
  • Consultancy
    • Consultancy Service
    • Cyber Executives
  • News & Resources
    • In the News
    • Blogs
    • Resources
  • Contact
  • Can We Help?

​​The Rising Popularity of NFTs and The Rising Security Threat

The art world is known for being ahead of the curve, adopting new and interesting technologies to push the boundaries of what we define art to be. Currently, the hottest pieces to land in the art scene are non-fungible tokens, otherwise known as NFTs, which have grown so much in popularity that people are willing to spend incredible amounts on these intangible assets.

However, given the world we live in, it was only a matter of time before malicious actors sought to capitalise on this newfound interest in NFTs. In this blog post we will dissect what NFTs are, the astonishing amounts they sell for and the social engineering that carried out the successful theft of almost a quarter of a million pounds.

What is an NFT?

The best way to define an NFT would be to start with the NF (or non-fungible) part. To say something is non-fungible is to say that the asset cannot simply be replaced with something else of a similar value. For example, you cannot replace something non-fungible in the same way you can replace one £10 note with two £5 notes and still have the same value. When something is non-fungible is not interchangeable. Put simply, the value of a non-fungible token is only limited by how much the buyer is willing to pay.

Similar to common assets, non-fungible assets can be tangible and intangible. For example, a tangible non-fungible asset would be a deed to a house or a piece of physical art. However, an intangible non-fungible asset would be copyright or digital art. NFTs sit in the intangible category and are unique files that live on a blockchain as a means to verify the ownership of the work of digital art.

How much do NFTs sell for?

The reason why NFTs have been making headlines is down to the sky-high prices some people have been willing to pay for an intangible piece of digital art. For example, on the 11th March 2021, popular artist Mike Winkelmann, who goes under the name of ‘Beeple,’ sold a piece of digital art for $69 million (approximately £50 million). Despite this astronomical price, the new owner does not get sole access to the piece of digital art. In fact, anyone can view the art online for free at any time. What the buyer does get is verification of ownership over the asset, which is essentially bragging rights.

There are many forums and marketplaces which allow you to purchase an NFT, like OpenSea. Or you can also check out traditional auction houses such as Christie’s and Sotheby’s, which have also jumped on the NFT bandwagon.

The rising cyber risk

Whilst the sale of something as intangible as an NFT may seem a little farfetched to your average Joe, the potential for exploitation has not gone unmissed by opportunistic scammers. Just last month, a Banksy art collector named Pranksy was scammed into buying a fake Banksy NFT that had been linked to the street artist’s official website. The collector bid a whopping quarter of a million pounds in Ethereum on what they thought was Banksy's first-ever NFT piece.

How did the scammer get away with it? First, they created an NFT named Great Redistribution of the Climate Change Disaster, which they hosted on Banksy’s official website after finding a vulnerability to exploit on the site. This was a good enough social engineering attack to convince the buyer that the NFT was genuinely created by Banksy. However, shortly after the bid of almost a quarter of a million pounds was placed, accepted and transferred to the scammer’s account, the link disappeared. Following the incident, it’s safe to assume that the hacker exploited a vulnerability to plant the link on the official Banksy website.

In an unexpected turn of events, the funds were later transferred back to the victim collector, minus the $5,000 transfer fee. Whether the scammer was an ethical hacker attempting to point out vulnerabilities on Banksy’s official website, or they got spooked by the growing publicity remains to be seen, but what’s for certain is that the threat remains a problem.

How can you avoid falling victim?

Whilst this incident did result in the victim being refunded, it was a real display of malicious social engineering. The victim lost out on hard-earned money because of their passion for collecting. They got caught up in the moment and acted hastily instead of methodically, which is something that can happen to us all. We at CSA believe that these types of scamming attempts will only continue to grow as intangible digital assets become more valuable. Our recommendation is to take as much care as possible when it comes to purchasing NFTs, and if it seems too good to be true, then it probably is.

To find out more about our security solutions and E-learning courses to help you stay safe online, get in touch!

Related articles

Posted on December 29, 2021

What is SquirrelWaffle?

SquirrelWaffle is known as a dropper malware, where it would be used to download additional and potentially more destructive malware onto…

Posted on December 16, 2021

CSA Awards of the Year 2021

As we near the end of year, an incredibly busy year for our teams in terms of growth and innovation, we wanted to take a moment to…

Posted on December 14, 2021

Cyber Essentials Changes: Here's Everything You Need To Know

Rapid digital transformation, mass adoption of cloud-based services and migration to home-working were necessary changes for businesses…

Posted on December 8, 2021

CSA 12 Days of Cyber Christmas

As the end of the year fast approaches, we wanted to share a little refresher on ways to ensure your technology and data remains…

Posted on December 1, 2021

Planning To Shop Online This Holiday Season? Here Are The Cybercrimes You Need To Be Aware Of

Black Friday and Christmas are considered a blessing and a curse within the retail industry. It’s a time where retailers…

Posted on October 20, 2021

This Apple “AirTag” Vulnerability could be harvesting your credentials

During late September, the headlines were hit with the news of a vulnerability within Apple’s AirTag…

Posted on October 13, 2021

September Security Roundup

Currently, the world faces not one pandemic but two: Coronavirus and the rise of ransomware attacks…

Posted on October 10, 2021

Is Data More Valuable Than Jewels? The A-List Cyber Heist That’s Putting Ransomware Attacks On The Map

Cybercriminals don’t discriminate. It doesn’t matter how famous you are, if your information is vulnerable…

Posted on October 6, 2021

CSA adds Lookout Mobile Endpoint Security to growing solutions portfolio

Following the global pandemic, the mass migration to remote working was a necessary move…

Posted on September 7, 2021

TG1021 (Praying Mantis): The new threat actor group that could be targeting your IIS servers!

Recently, an infamous threat actor group going by the name of TG1021 or Praying Mantis…

Posted on August 19, 2021

Is Cyber Training and Education working?

The report from the ICO on the ‘surprising’ decline in personal data breaches…

Posted on August 13, 2021

How did an unknown hacker steal over $600M in cryptocurrencies in the biggest ever crypto based cyber-attack?

On 10th August 2021, Poly Network announced in a tweet that it had been attacked…

Posted on May 12, 2021

How to Prevent a Ransomware Attack

According to a 2020 survey by Sophos, 51% of organisations were hit by Ransomware in the last year…

Posted on March 23, 2021

Is your Microsoft M365 service secure from attackers? Are you sure?

The mass migration to remote working as a result of the coronavirus pandemic has…

Posted on January 10, 2021

Covid-19: How to prepare your staff
for remote working

Since the initial Covid-19 outbreak, the nation’s workforce had to learn to quickly…

Posted on December 13, 2020

Covid-19: Cyber Criminals Launch
Their Own ‘Virus’

Whilst the world is currently preoccupied with public health, cyber attackers have taken…

Posted on November 20, 2020

The rise of Covid-19 phishing scams

Whilst the rollout of the Covid-19 vaccine across the UK brings with it the good news…

About

  • About Us
  • Our Expertise
  • Meet The Team
  • Careers

Managed Services

  • Overview
  • Monitoring & Detection
  • Protection
  • Response
  • Training

Consultancy

  • Consulting Services
  • Cyber Executives

News & Resources

  • In the News
  • Blog
  • Resources

Cyber Assessments

Can We Help?

Partner Portal

Contact

Head Office Unit 11, Wheatstone Court, Waterwells Business Park, GL2 2AQ
©2022 Cyber Security Associates. All Rights Reserved.
Terms of Use Privacy Policy
Powered by P1C
This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. We use this information in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. To find out more about the cookies we use, see our Privacy Policy.
Cookie settingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT

Can We Help?