OpenSea users are being told to be wary of Twitter and Discord interactions after reports surfaced of fake support staff stealing en vogue NFTs like Bored Apes and Cool Cats.
Phoney OpenSea reps are tricking users into sharing their screens and scanning QR codes to unlock MetaMask wallets, according to BleepingComputer.
Those taken in by the scam have reported losing large amounts of crypto and entire NFT collections.
This particular ruse starts on OpenSea’s own Discord server.
When a user asks for help, scammers hit them with private messages and invite them to a secondary (and fake) “OpenSea Support” server under their control.
Artist Jeff Nicholas described to BleepingComputer how he was “groomed” when seeking help with collecting OpenSea payouts.
“There’s lots of grooming, working through the issue, pulling you in. Then they ask you to screen share so they can see what you are seeing.”
“They say you need to resync your MetaMask and at this point, you’re sort of sucked into fixing this thing whatever it is,” said Nicholas.
At this point, MetaMask directs users to scan a QR code. As the fraudsters can see their victims’ screens, they scan it themselves — taking control of the seed phrase and the contents of their MetaMask wallets.
In response, OpenSea has pleaded with its users to be vigilant and direct support requests through its own Help Center linked on its site.
OpenSea users face the wild west
As noted by BleepingComputer, some OpenSea users have grilled the platform for actually pointing victims to the fraudsters’ Discord server.
Indeed, OpenSea is building a reputation as a hotbed for scammers looking to exploit NFT newbies.
Reports in June revealed instances of users being tricked into selling valuable NFTs for just a few dollars.
And increasing numbers of digital artists are finding their work hijacked and sold as NFTs without their permission on marketplaces like OpenSea and Rarible.