Malicious NFT contract scams#

Be careful when connecting your wallet to unfamiliar sites offering a chance to mint an NFT.

Scammers commonly impersonate upcoming projects, often right as the real project launches. They create fake websites, minting contracts, and social media accounts that look like the real project to lower your guard.

A malicious minting contract steals funds from unsuspecting users. To do so, it needs you to connect your wallet and grant it certain permissions. Avoid this by only clicking credible links and connecting your wallet to a project's official website.

Be careful with the permissions you grant. Wallet transactions may ask you to grant a contract permission to access funds — this can be legitimate when minting an NFT, which requires paying the creator a fee. Some contracts request access to an unlimited amount; this is common (to avoid approving each transaction) and not always a scam, but your funds may be at risk if you do not revoke the permission after minting.

To revoke approvals, use the Centurion block explorer's approval checker and connect your wallet, or follow How to revoke a token approval. Revoking permissions incurs a network cost.

Related#

• How to revoke a token approval
• Impersonation website scams
• Airdropped NFT or token scams
• What is an approval transaction?