Fake OpenSea Support Steals NFTs and Cryptocurrency Wallet Funds

Users of the NFT marketplace OpenSea are being targeted by phishing attacks on Discord, with the goal of stealing cryptocurrency and NFTs, according to Bleeping Computer. Attackers have been operating on the official OpenSea Discord server, pretending to be representatives of the platform’s support team. These “support agents” offer help to OpenSea users, which ultimately leads to the loss of cryptocurrency and NFTs stored in victims’ MetaMask wallets.

How the Scam Works

If an OpenSea user needs support, they can request help through the OpenSea help center or via the site’s Discord. When a user joins the Discord and submits a support request, scammers begin sending them direct messages, inviting them to a supposedly special “OpenSea Support” server—which is, of course, fake.

Artist Jeff Nicholas, who fell victim to this scam, told reporters that on the fake support server, the scammers asked him to provide remote access to his screen so they could “help” and offer advice on resolving his issue.

Afterward, the victim was told to re-sync his MetaMask Chrome extension with the MetaMask mobile app. During this process, a QR code appears on the user’s screen for the user to scan, but the scammers, who can see the shared screen, scan it themselves instead. Almost as soon as the QR code appears, the user receives a message that the app has been synced, because the criminals have already used the code.

“Essentially, they get your seed phrase (without actually having it),” Nicholas wrote.

When the scammers scan the victim’s QR code in their own mobile app, they gain full access to the cryptocurrency and all NFTs stored in the wallet. The attackers then simply transfer the funds to their own wallets.

OpenSea’s Response and User Concerns

OpenSea representatives say they are aware of these attacks and recommend that users contact support only through the platform’s official help center.

Some users disagree with this stance and believe OpenSea is partly to blame, since the company directed users to its Discord server for support and did not monitor what was happening there.

Source

  • Bleeping Computer
