“Congratulations To You, Your NFT Has Been Purchased” Fake Rarible Email Scam

Non-fungible tokens (NFTs) have exploded in popularity over the past couple of years. As interest in these digital assets grows, so too do the scams seeking to exploit unwitting NFT buyers and sellers. One such scam is the fake “Your NFT Has Been Purchased” email that pretends to come from the popular NFT marketplace Rarible.

This convincing phishing scam message claims someone has bought your NFT and that you need to provide personal information to receive the sale proceeds. If you fall for it, the scammers can steal your cryptocurrency and NFTs. Here’s what you need to know about spotting and avoiding this sneaky scam.

Overview of the Fake NFT Purchase Email Scam

The fake NFT purchase email pretends to be an official notification from Rarible informing you that someone has bought one of your NFTs listed on the platform.

The message will include Rarible branding and claim you need to verify your wallet address and seed phrase to receive the sale amount. Of course, this is completely false.

Origins of the Scam

This phishing scam originally started circulating in early 2022, not long after NFTs started gaining mainstream attention. As more people entered the NFT space, scammers took advantage of all the hype and confusion to target newbies.

The scam emails specifically mention Rarible because it’s one of the most popular NFT marketplaces. However, variations of the scam may include other platforms like OpenSea or LooksRare.

Here is how the email looks:

Congratulations to you

Your NFT has been purchased by a user.

To see more details and receive the sale amount,your wallet address must be verified first.

Send the said information here for review and confirmation:

1) Ethereum wallet address

2)12 words belonging to the wallet

The 12 words are the same words you were given when you made the wallet.

After confirmation, the amount of the sale will be deposited into your account.

If you do not send the mentioned items, your sale will be canceled soon.

Note that your information is protected by Rarible.

Intended Victims

The fake purchase notification tries to target the following victims:

  • NFT sellers – Those who mint and list NFTs for sale on platforms like Rarible may fall for the message about one of their works selling.
  • New NFT owners – People who are new to buying NFTs may believe the sale notification, especially if they just made a purchase.
  • Inactive NFT holders – Even those who aren’t actively trading NFTs could be fooled if they once bought or created NFTs.

The scam preys on people’s excitement about selling an NFT or naivety about proper NFT sale procedures.

Warning Signs of the Scam

While the phishing message is designed to look legitimate, there are red flags that can help you identify it as a scam:

  • Sent from a random Gmail address, not an @rarible.com address
  • Poor grammar, spelling, wording, or design
  • Requests seed phrase and/or wallet login
  • Threatens account suspension if info not provided
  • Generic greeting like “Dear user” instead of your name
  • Links to phishing sites instead of Rarible.com
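
The warning signs above can be checked mechanically when triaging reported mail. The following is an added example, not code from Rarible or from this article's author: the regexes, flag names, and sample headers and addresses are assumptions made for illustration, and the scam body lines are quoted from the email shown earlier.

```python
import re
from email import message_from_string
from email.utils import parseaddr
OFFICIAL_DOMAIN = "rarible.com"  # the article's test: genuine mail is @rarible.com
# Patterns for the article's warning signs (the regexes are this example's assumption).
BODY_RULES = {
    "asks_for_seed_phrase": re.compile(
        r"\b(seed|recovery)\s+phrase\b|\b(12|24)\s+words\b", re.I),
    "threatens_loss": re.compile(
        r"\bwill be (cancell?ed|suspended)\b|\bact (now|immediately)\b", re.I),
    "generic_greeting": re.compile(r"\bdear (user|customer)\b", re.I),
}
LINK_HOST = re.compile(r"https?://([^/\s:\"'>]+)", re.I)

def on_official_domain(host):
    # Exact domain or a subdomain only, so lookalike suffixes do not pass.
    host = host.lower().rstrip(".")
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def triage(raw_message):
    """Return the sorted warning signs found in one single-part text email."""
    msg = message_from_string(raw_message)
    body = msg.get_payload()
    flags = {name for name, rx in BODY_RULES.items() if rx.search(body)}
    _, addr = parseaddr(msg.get("From", ""))
    claims_brand = "rarible" in raw_message.lower()
    if claims_brand and not on_official_domain(addr.rpartition("@")[2]):
        flags.add("sender_not_official_domain")
    if any(not on_official_domain(h) for h in LINK_HOST.findall(body)):
        flags.add("link_off_domain")
    return sorted(flags)

# Constructed samples: scam body lines quoted from the article; headers,
# addresses and the benign message are invented here.
SCAM_SAMPLE = """\
From: Rarible <placeholder-sender@gmail.com>
Subject: Congratulations to you

Your NFT has been purchased by a user.
2)12 words belonging to the wallet
If you do not send the mentioned items, your sale will be canceled soon.
"""
BENIGN_SAMPLE = """\
From: Rarible <placeholder@rarible.com>
Subject: Your listing is live

View your item at https://rarible.com/
"""
if __name__ == "__main__":
    for label, raw in (("scam", SCAM_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, triage(raw))
```

An empty result means only that none of these red flags were found: a From address at the official domain can be forged, so it is not proof of origin.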

Potential Losses from the Scam

If you fall for the fake NFT sale email, you could experience the following losses:

  • Lost NFTs – Scammers can steal NFTs from your wallet if you give them your seed phrase. This allows them to list and sell your NFTs on their own.
  • Drained cryptocurrency – The wallet address and seed phrase you provide also grant access to any crypto coins held in the wallet. The scammers can quickly drain your funds.
  • Compromised accounts – With your wallet login info, scammers can access connected accounts you may have on Rarible, OpenSea, LooksRare, and other NFT sites.
  • Future phishing – Your email address may be added to phishing lists since you already fell for one scam before. This means you could receive more scam emails in the future.

In most cases, losses from this scam are irreversible since cryptocurrencies and NFTs operate without consumer protections. That makes avoiding the scam extremely important.

How the Fake NFT Purchase Email Scam Works

Now that you know what this scam is, let’s break down exactly how it works to trick unsuspecting NFT traders.

Step 1: Scammers Obtain Email Addresses

The first thing scammers need to run this phishing scam is a list of target email addresses. They likely obtain these through various methods:

  • Data breaches – Email addresses from hacked NFT sites or wallets get sold on the dark web.
  • Public info – NFT owners’ emails may be visible on their public social media profiles.
  • Phishing lists – Past scam victims get added to lists then used for future phishing attacks.
  • Social engineering – Scammers may pretend to be an authority or reporter requesting email contacts.

So even if you have good email security, your address could still get onto scammers’ lists through breaches or public info.

Step 2: Scammers Craft Deceptive Emails

Using the email list, scammers will craft personalized messages to each address. The email will:

  • Use the Rarible logo and style formatting to appear official
  • Address you directly by name to build trust
  • Include professional-looking graphics and design
  • Claim someone purchased your specific NFT for a high price
  • State verification is needed to receive the sale proceeds
  • Provide plausible urgency to act quickly or risk losing the sale

The emails can look convincingly real, especially to new NFT traders.

Step 3: Victims Are Instructed to Provide Info

If you respond to the fake sale notification, the scammers will instruct you to provide:

  • Your cryptocurrency wallet address where you want funds sent
  • Seed phrase for the wallet (usually 12 random words)
  • Possible 2FA codes or other verifications from your wallet account

The scammers may claim this info is needed to verify the sale and ensure you receive the money. But in reality, it grants them full access to your cryptocurrency funds and NFTs.

Step 4: Scammers Steal Funds and NFTs

With your wallet address and seed phrase, the scammers can now easily:

  • Access and drain your wallet of any cryptocurrency assets
  • Transfer out or list for sale any NFTs in your wallet
  • Leverage your email and wallet login to access associated accounts you have on Rarible, OpenSea, or other NFT platforms

Once they steal everything they can from your compromised wallet and accounts, the scammers block any further communication with you. They disappear with your money and NFTs.

What to Do If You Fall Victim to the Fake NFT Purchase Email Scam

If you provided your wallet details or seed phrase to the scammers, you need to act right away to try to prevent losses. Here are the important steps to take if you gave up your info:

Step 1: Transfer Funds to New Wallet

If you still have access to your phished cryptocurrency wallet, quickly transfer any remaining coins to a brand new wallet address that the scammers don’t have access to yet.

This will protect those leftover funds before the scammers can drain the compromised wallet completely. Make sure the new wallet is totally disconnected from the phished one.

Step 2: Reset Passwords on Accounts

Assume the scammers have access to any online accounts associated with the compromised wallet.

Go to your accounts on platforms like Rarible, OpenSea, Coinbase, and others to reset the password and enable 2FA if available. This locks the scammers out.

Step 3: Report Stolen NFTs

Contact the NFT platforms like Rarible to report stolen NFTs that were transferred from your wallet to the scammers’ address.

Provide relevant transaction details to potentially freeze or recover your NFTs if possible. The platforms may blacklist the scammers’ wallet address too.

Step 4: Contact Wallet Provider

If you used a hosted wallet service like MetaMask, alert their fraud department with details about the phishing attack.

They may be able to roll back transactions or take other protective steps depending on the severity of the incident.

Step 5: Notify Cryptocurrency Exchanges

If any of your coins were stored on a centralized exchange instead of just the phished wallet, call their support line immediately.

Exchanges can potentially freeze, reverse, or track transfers if acted upon quickly. This could save some cryptocurrency assets.

Step 6: Report to Authorities

File reports regarding the phishing scam, stolen funds, and fraudulent transactions with:

  • FTC – Federal Trade Commission
  • FBI Internet Crime Complaint Center
  • Local police department

Provide copies of the scam email, transaction IDs, and any other evidence you have. This creates an official record that could aid recovery efforts.

Step 7: Monitor Accounts Closely

Carefully monitor your crypto wallet transactions, NFT accounts, credit reports, and bank accounts for any signs of further misuse of your details.

Enable enhanced security like multi-factor authentication wherever possible to prevent additional attacks.

Step 8: Avoid Communicating with Scammers

Never respond if the scammers reach out to you asking for more information or payments. Any engagement simply confirms you’re willing to cooperate with them.

Cut off all contact completely. Don’t make any ransom payments either, as this won’t recover your stolen assets.

Frequently Asked Questions

What is the fake NFT purchase email scam?

This is a phishing scam where targets receive an email pretending to be from Rarible claiming someone purchased their NFT. It requests wallet and seed phrase info to steal funds.

How do I recognize the fake email?

Clues it’s a scam include a non-Rarible email address, spelling/grammar errors, requests for seed phrase, threats to act quickly, and unfamiliar sender name.

What if I provided my seed phrase to the scam email?

If you gave your seed phrase, immediately transfer any remaining funds to a brand new wallet. Then reset passwords for connected accounts and contact authorities.

Can I recover my stolen NFTs?

Contact Rarible and other platforms to report stolen NFTs. They may be able to freeze or recover them if acted upon quickly before being sold.

What should I do if my crypto wallet is drained?

If coins were stored on an exchange instead of just the compromised wallet, contact support immediately to potentially freeze transfers. You can also report to authorities.

How can I avoid this scam in the future?

Never provide your seed phrase or wallet login details via email. Use unique passwords and 2FA on accounts. Verify sender addresses and be cautious of urgent pleas for personal info.

Are there other versions of this NFT phishing scam?

Yes, variations may claim to be from OpenSea, LooksRare, or other platforms. They use the same deceptive tactics. Always verify sender address and never provide your keys.

Can I prevent my email from being targeted?

Unfortunately email addresses get onto phishing lists through breaches, public profiles, and other methods. But being cautious about where you share your email can help.

Who do I report this scam to?

Report to the FTC, FBI IC3, and your local police department. Provide any details about the scam email, transactions, and losses to create an official record.

What happens if I ignore the scam email?

Simply ignoring the email is the best response. Never reply or engage with the scammers at all. Just permanently delete the scam message.

The Bottom Line

The fake NFT purchase email scam can be incredibly convincing and cost victims substantial amounts of cryptocurrency and NFTs. But being aware of this scam’s deceptive tactics can help you avoid becoming another victim.

Here are key tips to protect yourself:

  • Verify the sender’s email address is from the official site, not random domains.
  • Never provide your seed phrase or wallet login credentials.
  • Enable 2FA on all accounts and use strong unique passwords.
  • If scammed, act quickly to transfer funds, reset access, and contact authorities.
  • Be wary of phishing tricks insisting you act urgently or risk losing money.

As the NFT space continues evolving, new scams and hacking threats will emerge alongside all the innovation. But following security best practices is key to safely navigating this new frontier of digital ownership and trading.

Stay vigilant about where you access your accounts, research seller/buyer identities, and think twice before entering any sensitive information. With caution and common sense, NFTs can be an exciting new opportunity for artists, collectors, and investors alike.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.