South Koreans are being targeted by non-fungible token (NFT) scammers who pretend to be real project operators to drain cryptocurrency from their victims.
Yonhap reports that “phishing emails” that “steal cryptographic assets” from their victims are “distributing widely,” according to a warning from security services firm East Security.
The security firm stated that the scammers were disguising their attacks as projects belonging to Starbucks and the e-commerce platform Lotte Home Shopping.
The emails contain what appears to be the Starbucks and Lotte logos have been hacked.
These emails advertise “free” NFTs and state that tokens can be claimed by clicking embedded links.
The company warned that clicking on these links leads victims to “phishing sites” run by fraudsters.
South Korean ‘NFT scams’: How do they work?
Once on this page, victims are reported to go through a series of steps that eventually lead them to hand over sensitive data.
Hackers can use this data to break into cryptocurrency wallets and drain coin funds.
The security company stated that the phishing sites were “designed with great care”.
The company said potential victims are provided with QR codes that install or run a crypto wallet plugin in their browsers.
The scammers then reportedly instruct potential victims to pay gas fees in order to get the “free” NFTs by “linking” their wallets.
But if the victims follow this step, the scammers can gain access to the wallets.
And once they do, they can exhaust any money they find there.
An Eastern Security spokesperson was quoted warning:
Last month, Cryptonews.com reported that companies like Amazon and Gucci may be preparing to enter the NFT field in earnest.