Cybersecurity experts identified and disclosed the rising popularity of airdrop phishing among crypto and nonfungible token (NFT) scammers.
Airdrops serve as an essential marketing tool for crypto projects, which involves sending free cryptocurrency tokens or NFTs to promote awareness among investors. However, a new report released by Malwarebytes Labs highlighted an alarming rise in airdrop phishing attempts as scammers try to cash in on the hype around Yuga Labs’ BAYC Ape-related NFT collection.
Airdrop phishing: what is it, and how is my cryptocurrency at risk? https://t.co/kWG09l06fi
— Malwarebytes (@Malwarebytes) May 3, 2022
Malwarebytes recorded that the most common airdrop phishing tactics involve the use of fraudulent websites portraying as one of the legitimate platforms, adding that “Apes are, of course, the hottest draw in town where Airdrop phishing is concerned.”
The report acknowledged the fraudsters’ rising interest in ape-themed phishing while citing the “variety of fake pages out there reflects this.”
A fake website offering Bull & APE NFT as bait. Source: Malwarebytes Labs
The above screenshot shows a phishing attempt wherein scammers created a site asking visitors to claim up to 10 Bull & Ape NFTs. However, similar to any other phishing website, when a user tries to claim the seemingly lucrative offer, it prompts for a variety of password/recovery phrases:
“Does this really sound like something you want to hand over your recovery phrase to?”
In addition, Malwarebytes also warns about the rise in the “connect your wallet” airdrop phish wherein Twitter accounts with massive followers pose as popular projects such as Moonbirds project offering NFT airdrops.
A scam account falsely portraying Moonbirds on Twitter. Source: Twitter
As the crypto community notices and calls out such scams, the fraudsters tend to turn off replies to their tweets to prevent being exposed. In this case, the official verified Moonbirds account warned about the imposters.
BEWARE of scammers, we don’t Instagram, have a public discord, or have any other URL other than https://t.co/py5fF2nTlX
— Moonbirds (, ) (@moonbirds) April 8, 2022
Malwarebytes’ advice resounds with the general security recommendations of not saying “yes” to everything a site asks for, concluding:
“If you start granting permissions, or signing transactions, you may find your wallet draining of funds.”
As rightly pointed out in the Malwarebytes report, the hype around Yuga Labs’ NFTs is real. The latest launch of the Otherdeed NFTs, which saw each digital piece of land selling for 305 ApeCoin (APE), witnessed an instant sell-out.
The Otherdeed NFT mint is sold out – we are awestruck at the demand shown tonight. Apes and Mutants, the opening of the 21-day claim period is being delayed until the price of gas drops to reasonable levels. We’ll tweet when the claim opens. https://t.co/iRz64lklbv
— OthersideMeta (@OthersideMeta) May 1, 2022
As Cointelegraph reported, the sale resulted in an unprecedented but momentary spike in Ethereum (ETH) gas fees. Citing some of the issues related to using Ether during its NFT launch, Yuga Labs announced the need for ApeCoin to migrate to its own chain to scale properly.