Airdrops are a common way to receive NFTs and tokens. They are also a common tool scammers use to steal tokens and NFTs from wallets.
These attacks usually use an NFT or token with:
- A URL in the name (i.e. uniswap-airdrop.claim)
- A URL in the description (i.e. uniswap-airdrop.claim)
The website attached offers to redeem the token/NFT received for a token with value (ETH, UNI, etc). During the redemption process, the scammers trick the victim into approving a contract in their wallet.
Once the approval is done, the scammers have permissions to the tokens and NFTs in the victims wallet. Then they transfer everything out of the victims wallet.
If you receive an NFT or token from an unknown sender that you were not expecting to receive, we recommended that you don’t attempt to claim the airdrop.
If you have accepted an airdrop from a NFT or token you weren’t expecting, you may want to consider transferring everything out of your wallet to a different wallet. Note: Transfers require a network fee.
To protect yourself from these scams, follow these steps:
- If you receive a NFT or token with a URL, do your research before attempting to claim.
- If you receive a NFT or token from an unknown source, do not attempt to swap or sell it.