One of the aspects to keep in mind when working with crypto and blockchain is the security of our wallets. Blockchain and cryptocurrencies only provide a certain level of protection and anonymity but as we will see in the below example, there are techniques that can be traced back to everything and fix a name behind an address and wallet. Just as it is never wise to publish and disseminate your private crypto address to everyone, in the same way we must not publish the IDs of our NFTs that we have. The reason for this is that they are in effect unique pieces of information that only we will have. The image is the same for the whole collection might be identical but the underlying identifier isn’t. Today we are going to analyze and show a technique that is used by criminals and unscrupulous people to obtain private information about us and our wallets, putting us in awe and even blackmailing us in the most diverse ways. 01 - The Screenshot The first step that the criminal takes is to scroll through various posts and stories of any social network, especially those with hashtags related to crypto and #NFT, to find the naive person who published the ID or even the link of the their brand new NFT just purchased or received. In this example, a story about the recent purchase is shared showing different elements of the NFTs just purchased as the famous unique IDs (obviously for privacy names and IDs have been hidden and any addresses in this article are completely random to protect and protect this potential victim): 02 - Find the NFT Now that we have recovered both the type of collection and the NFT ID, the criminal goes to the famous OpenSea platform. The search field he enters what he found in the image to identify the correct collection, which in this case is the one belonging to " " that as we can see from the collection, it has all identical pieces and a total of 586 pieces at the moment, which allows us to narrow the search a lot: JR - Can Art Change the War? 03 - Find the Owner's Address At this point, after identifying the NFT with that ID, the criminal proceeds to open the related NFT and check more information, that is, the "Owned" field, as some people also put their name and surname or their nickname and then proceed to click on its name to find out its address. In this case, we take a random NFT, and we see that in the owned field there is written Barcelona_Lakers, and that their address is 0xf545D18b3e17bc8d7D48D0f16c44441A88BC7705: 04 - Let's Find Out How Many Crypto Items the Victim Owns The next step, now that we have the victim's address, is to find out how many crypto there are in that address and to do so, simply enter that address in a suitable block explorer, in this case Etherscan: What we see now is both the strength and the weakness of any public blockchain, i.e. the transparency of the operations and the balance that contains this address which is 0.5 ETH, and from here we can also see how many tokens it has and what other NFTs and operations did: about 05 - The Scam Starts The whole process is now set up and can start with one or more scams against the victim because if we know the email, we can send phishing or extortion emails for various reasons, as we can identify with extreme precision the various transactions that the victim has done which makes the attack extremely effective and dangerous against the victims. How Should One Defend Themselves? The rule that must always be remembered is to never reveal sensitive information anywhere, just as you do not write your current account anywhere in the same way, the address number and even the ID of your NFTs should not be written. Another strategy is to use different wallets to divide both crypto and NFT purchases, therefore 1 NFT 1 address in order to avoid and limit this type of phenomenon, which, however, not everyone does, but which is a good idea to do. Trash any type of contact and email that comes to us from strangers, regarding our wallet or NFTs we hold, as most likely this information was recovered with one of these aforementioned methods. Here is a video for readers who speak Italian. https://youtu.be/v6vLPwrC_Pg

Ethereum

OpenSea

The Lost Diamond - The Blockchain Treasure Hunt

ZEOS - Privacy on EOS

Check my free book Mastering EOS

Read My Stories

All my books (over 100)

My StartUp

1 NFT = 1 Book 

A must-read book

Invest in my StartUp

Nominated for 2022 - HackerNoon Contributor of the Year - Crypto Trading

Nominated for 2022 - HackerNoon Contributor of the Year - Tokenization

Nominated for 2022 - HackerNoon Contributor of the Year - Crypto Adoption

Too Long; Didn't Read

CTA: Download the FREE AI Productivity Shift report

How to Find Out Who Owns an NFT

How to Find Out Who Owns an NFT

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

Labubu Authenticity Guide

3 Cybersecurity Priorities for 2021: Threat Fatigue; Remote Work; Budget

2gether compensates for its crypto cyber-attack losses

3 Simple Upgrades to Improve SMB Cybersecurity

3 Steps Retailers Should Take to Prevent Holiday Data Breaches

Labubu Authenticity Guide

3 Cybersecurity Priorities for 2021: Threat Fatigue; Remote Work; Budget

2gether compensates for its crypto cyber-attack losses

3 Simple Upgrades to Improve SMB Cybersecurity

3 Steps Retailers Should Take to Prevent Holiday Data Breaches

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps