Customers of a popular NFT seller have been warned not to fall for social media scams after fraudsters hijacked its account to scam some out of millions of dollars worth of virtual goods.
Bored Ape Yacht Club (BAYC) revealed yesterday that its Instagram account was “hacked” in order to trick customers into transferring their NFTs.
“The hacker posted a fraudulent link to a copycat of the BAYC website with a fake Airdrop, where users were prompted to sign a ‘safeTransferFrom’ transaction. This transferred their assets to the scammer’s wallet,” it explained.
It’s reported that the lure was a claim that users could mint “land” in BAYC’s Otherside metaverse project if they clicked through.
“Immediately upon discovering the hack, we alerted our community, removed links to the compromised IG account from our platforms and attempted to recover the account,” BAYC continued.
“At the time of the hack, two-factor authentication was enabled and security surrounding the IG account followed best practices. We’ve regained control of the account, and are investigating how the hacker gained access with IG’s team.”
It’s believed that over 50 NFTs were stolen in this way. A spokesperson for BAYC owner Yuga Labs told reporters that the firm alerted its community about the scam just before 10 am Eastern Time yesterday.
“Rough estimated losses due to the scam are four Bored Apes, six Mutant Apes, and three BAKC, as well as assorted other NFTs estimated at a total value of ~$3m,” they reportedly said. “We are actively working to establish contact with affected users.”
The burgeoning NFT space is increasingly associated with scams and attempted fraud. A report last month revealed a 400% year-on-year increase in NFT-related fraud in 2021