Cybercriminals are early adopters. As soon as new technology hits the market, especially when it starts to become more popular, they study it to find vulnerabilities. Such is the case of Non-Fungible Tokens (NFTs).
While 70% of Americans still wonder what this term means and how NFTs work (we’ll get to that shortly), cybercriminals are already using this blockchain innovation to reach monetary assets and damage brands’ reputations. Let’s take a closer look at the different ways NFT security might be compromised and what brands can do to stay safe.
First Things First: What Are NFTs?
We’re used to thinking of digital creations as unlimited because theoretically, we can make countless copies. The idea of NFTs is revolutionary in the sense that it turns digital assets into unique, one-of-a-kind creations that can be limited, identified, and traded.
NFTs are digital representations of actual objects. They can represent visual artwork, musical pieces, video clips, memes, and anything else that comes to mind. Some NFTs may be created by renowned artists, while others are the result of amateur work.
Blockchain enables us to assign specific identification parameters to digital assets in order to make them tradable, but still decentralized. That's precisely how cryptocurrency is traded and how NFTs were born. Instead of relying on formal organizations to identify these assets and their owners, we use digital keys and contracts to give each asset its unique identity, turning it into a collector’s item with exclusive ownership rights. Digital assets can be bought and sold online, typically using crypto-based mechanisms.
NFTs have been around since 2014, but the rise of blockchain technologies has made them increasingly popular over the past few years. So much so that NFTs generated more than $1.5 billion worth of transactions during the first three months of 2021 alone. Research finds that 23% of US millennials collect NFTs in some form. This new trading arena cannot be ignored, and attackers are definitely paying attention.
What else can you be doing to protect your brand?
The Problem with NFT Security
NFT professionals are the first to admit that the field suffers from cybersecurity issues. Joe Conyers, Global Head of NFTs for Crypto.com, states that, “We’re very early in the technology, and there are bound to be security issues if NFT platforms don’t maintain a basic level of security procedures.”
In addition to being new, this technology faces several cybersecurity challenges:
- Brand impersonation: Brands and artists that do not have NFT products available for trading might discover that someone created them in their name. Recently, a cybercriminal listed fake NFT artwork by Banksy and sold it online for more than $300,000. The sale was completed on the artist’s hacked website and caused a lot of embarrassment to everyone involved. This is a risk that every brand today faces when failing to protect other digital channels. Celebrities might also become victims of this fraudulent attack without proper brand protection services.
- Counterfeit NFTs: Some brands that do sell NFT products, find that attackers can create fraudulent versions of these NFTs to be traded online, the same way physical counterfeiting works. These instances cause copyright issues related to the fake visuals, music and logos involved.
- Unprotected marketplaces: It’s always harder to control procedures that involve 3rd parties and NFTs are often sold via central marketplaces. In addition to the irony of having to rely on centralized players to execute decentralized transactions, this is a significant risk. A few weeks ago, $1.7 million in NFTs were stolen from one of the leading platforms, OpenSea. Companies need a brand protection program that can monitor many platforms simultaneously and effectively.
- Fake platforms: In some cases, cybercriminals build entire platforms pretending to be legitimate NFT marketplaces to trade fake items. This is similar to building fake websites, enabling attackers to publish a large number of false NFTs without having to hack genuine platforms. When such new technology is involved, it’s harder to separate real platforms from fake ones.
- Untraceable payments: Because NFT transactions are based on cryptocurrencies, they are harder to follow and protect. In most cases, once the money reaches cybercriminals, it cannot be traced and retrieved. Cryptocurrency Developer Jack Fransham adds that, “Attacks can be entirely automated so your money is gone before you would have had a chance to lock it away.”
- Cryptocurrency scams: Crypto coins are the key currency used in NFT markets. This necessarily gives cybercriminals another set of vulnerabilities to exploit. This can involve a phishing scam whereby fraudulent websites request users’ private wallet keys, or fund raising for dodgy NFT releases.
With these cybersecurity challenges, it is important to monitor social media not only for keywords but for images as well. It is specifically vital to monitor Telegram as it is extremely popular in the realm of NFT trading. It is equally important to closely monitor online marketplaces such as OpenSea. Scammers can use these platforms to sell counterfeit NFTs, by simply opening an account and auctioning off their fake NFTs.
Monitoring is only the first step. To be truly effective in the detection and takedown of counterfeit NFTs, it is important to truly understand the arena, know how the market works in order to act quickly. Detecting issues quickly, leads to fast takedowns, which is the only way to stay ahead of the scammers, saving your business from significant losses.
To learn how BrandShield’s services work, contact us today and ensure that just like NFTs, your brand remains unique.
