Rarible NFT Marketplace Targeted by Scammers and Typosquatters
Experts from Bolster have reported that the Rarible marketplace (rarible.com) has become a target for typosquatters who are spreading malware, engaging in fraud, and more. Researchers have identified several typosquatting domains aimed at Rarible users. For example, rarbile[.]com is designed to mimic the legitimate rarible.com.
Since search engines are generally effective at hiding such domains from search results, scammers often use WhatsApp and Telegram to distribute malicious links, as well as social media posts, direct messages, or even paid advertisements.
Examples of Attacks
Another example of an attack on Rarible is the domain wwwrarible[.]com, which lacks a dot between “www” and “rarible.” When users accidentally visit this address, they are redirected to a site offering a fake Firefox update. One of the browser extensions promoted by this site recently injected ads into every website visited by the user and tracked all of their online activity.
Other domains discovered by Bolster (such as rarbile[.]com) redirect visitors to various scam resources. These can include fake spinning wheel games, fraudulent dating sites designed to collect personal information, fake tech support pages, or sites distributing bundles of unwanted software and adware.
Malware and Crypto Miners
According to Bleeping Computer, one such software bundle installed a cryptocurrency miner on the journalists’ test machine, although they were unable to reproduce this behavior during subsequent visits to the site.
Ongoing Threats in the NFT Space
Bolster analysts predict that scammers will continue to exploit the NFT trend by creating fake marketplaces that steal buyers’ cryptocurrency, counterfeit NFTs posing as works by real artists, and fake giveaway campaigns.
- Stay vigilant when visiting NFT marketplaces.
- Always double-check website URLs before entering sensitive information.
- Be cautious of unsolicited messages and links, especially those received via social media or messaging apps.
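The two squats named in this article, a transposed pair of letters (rarbile) and a dropped dot after "www" (wwwrarible), can be caught mechanically when a link is checked before it is opened. The following Python is an added example, not code from Bolster or Rarible; the function names, the two-edit threshold and the sample host list are assumptions made for illustration.

```python
"""Added example: flag hostnames that imitate a protected domain."""

def refang(host: str) -> str:
    """Normalise a defanged or mixed-case hostname, e.g. 'Rarbile[.]com'."""
    return host.strip().lower().replace("[.]", ".").rstrip(".")

def osa_distance(a: str, b: str) -> int:
    """Edit distance in which swapping two adjacent characters costs 1."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def classify(host: str, legit: str = "rarible.com", max_edits: int = 2) -> str:
    """Return 'legitimate', 'missing-dot', 'lookalike' or 'unrelated'."""
    host, legit = refang(host), refang(legit)
    if host == legit or host.endswith("." + legit):
        return "legitimate"
    # Compare on the last two labels; assumes a single-label TLD such as .com.
    candidate = ".".join(host.split(".")[-2:])
    if candidate == "www" + legit:
        return "missing-dot"  # e.g. wwwrarible.com
    # max_edits is an assumed threshold; lower it for very short names.
    if 0 < osa_distance(candidate, legit) <= max_edits:
        return "lookalike"  # e.g. rarbile.com (transposed letters)
    return "unrelated"

# Constructed sample: the two squats named in the article plus control hosts.
SAMPLE = ["rarible.com", "www.rarible.com", "rarbile[.]com",
          "wwwrarible[.]com", "login.rarbile[.]com", "example.org"]

if __name__ == "__main__":
    for h in SAMPLE:
        print(f"{h:24} {classify(h)}")
```

The same check can be run over hostnames extracted from proxy logs or from links received in chat messages, with anything other than "legitimate" or "unrelated" held for review.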