The Federal Bureau of Investigation is now warning about a new scam involving NFT airdrops on the Hedera Hashgraph network. Cybercriminals are actively exploiting this particular feature to steal cryptocurrency directly from users’ digital wallets, prompting increased user vigilance. Airdrops, typically used by projects for marketing or as community rewards, are now being cunningly employed by these malicious actors. The FBI advisory explains that criminals can exploit this Hedera airdrop tactic to illicitly collect victim data and then steal their cryptocurrency. Attackers send unsolicited NFTs or tokens to wallets with memos prompting users to click a URL to claim their supposed reward.
Clicking the provided malicious link unfortunately takes unsuspecting victims to carefully designed phishing sites or various decentralized applications (dApps). These fraudulent online platforms then deceitfully ask users to input highly sensitive information like their account passwords and wallet recovery seed phrases. Attackers can then readily use this stolen sensitive information to completely hijack the victim’s cryptocurrency wallets and subsequently empty all their funds. Hedera Hashgraph is a distributed ledger technology and public network, conceptually similar to Ethereum but built on a different hashgraph data structure. This specific technology was introduced in the year 2018 as a next-generation distributed ledger aiming to overcome many limitations.
The FBI advisory explains that criminals can exploit this Hedera airdrop tactic to illicitly collect victim data and then steal their cryptocurrency.
The Federal Bureau of Investigation states that these fraudsters currently promote their widespread fraud campaigns beyond just the unsolicited NFT airdrops. Their current promotional methods also include many deceptive phishing emails, misleading social media advertisements, and also numerous professionally designed fake websites. When receiving any airdrop alerts, it is highly advisable for users to always independently verify their legitimacy directly with the official source. This critical verification step should be done using the official customer service number or email, never those listed on suspicious emails. During any NFT claiming or minting process, it is absolutely crucial never to share any passwords, valuable seed phrases, or one-time passwords.
Hedera Hashgraph is a distributed ledger technology and public network, conceptually similar to Ethereum but built on a different hashgraph data structure.
Users should ensure they only share any sensitive information if they themselves initiated the original contact with a verified and trusted entity. Furthermore, all cryptocurrency accounts should be regularly and diligently monitored by their owners for any potential signs of unauthorized activity. This importantly includes checking for suspicious transactions and also any unusual login attempts that might indicate a compromise of their valuable account. If anyone strongly suspects they have been compromised by these pervasive scammers, it is advisable to contact their account providers immediately. They should then promptly report the entire incident to the FBI’s Internet Crime Complaint Center (IC3) with all relevant available details possible.
Reference:
