Porsche Abruptly Halts NFT Launch, Allowing Phishing Sites to Take Advantage

Porsche abruptly cut its minting of a new NFT collection short after a dismal turnout and backlash from the crypto community, allowing threat actors to fill the void by creating phishing sites that steal digital assets from cryptocurrency wallets. NFTs are digital assets stored on a blockchain, representing proof of authenticity and ownership of an item, such as an artwork image, music, and anything that can take the form of digital media. The German automaker launched its first NFT mint last Monday, January 23, 2023, offering a digital replica of the iconic 911 car for 0.911 ETH, valued at about $1,500. Delays in the rollout of the collection caused frustration in the community, as only about 20% of the promised 7,500 NFTs had been minted after 24 hours and three minting waves. To make matters worse, a flourishing NFT resale market was set up over at OpenSea, where it was cheaper to buy the Porsche collectibles than get the original, which devalued the assets immediately and further infuriated investors and traders. Eventually, on January 24, Porsche announced they would stop the minting process and cut the supply until they figured out how to get the NFT debut right. The actual minting process didn't stop until January 25 at 6 AM UTC-5, giving scammers plenty of chance to leverage the confusing situation. While the Porsche NFTs rose in value in the coming days, so did the scale of fraudulent activity around the mint, with threat actors launching phishing sites to impersonate an ongoing Porsche mint. When users connected their crypto wallets to the phishing sites, they would attempt to drain the assets and funds in the wallets. This forced Porsche to warn on January 27 about fake accounts promoting the continuation of the NFT minting process to steal people's details and assets. Today, over a week after Porsche's failed NFT launch, several scammers continue to trick people looking to obtain custom digital 911 NFTs. BleepingComputer had found a notable case of a now-suspended Twitter account with almost 11,000 followers impersonating Porsche's NFT-dedicated account. While this account linked to Porsche's real Discord channel, it also linked to a malicious site that's visually a clone of Porsche's genuine NFT portal at Nft.porsche.com. While the actual site has a notice about the minting closure, the fake one pretends that the procedure is still underway, inviting users to link their wallets. The fake Twitter account had a pinned tweet saying that the remaining Porsche NFTs are now available to claim for free while also promising the renewal of the stock for the remaining community. The fake account had disabled user comments under all posts and even re-tweets posts of the real Porsche account, which made it easy to trick people into getting a digital 911 NFT while missing signs of fraud. The scam account was shut down today, with a previous one used by the same scammer appearing also to have been suspended. Other accounts are likely taking advantage of the Porsche Web3 snafu, so aspiring investors are advised to be extra vigilant.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 30 Jan 2023 22:59:02 +0000


Cyber News related to Porsche Abruptly Halts NFT Launch, Allowing Phishing Sites to Take Advantage

Porsche Abruptly Halts NFT Launch, Allowing Phishing Sites to Take Advantage - Porsche abruptly cut its minting of a new NFT collection short after a dismal turnout and backlash from the crypto community, allowing threat actors to fill the void by creating phishing sites that steal digital assets from cryptocurrency wallets. ...
1 year ago Bleepingcomputer.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
8 months ago Techrepublic.com
NFT Company Obtains Restraining Order to Freeze Hacker's Online Wallet - A British investment company, NFT Investments, announced Tuesday that it had obtained a restraining order against an online wallet holding assets a hacker stole from it earlier this year. NFT Investments, which works with small companies developing ...
1 year ago Therecord.media
Check Point Research Unfolds: Navigating the Deceptive Waters: Unmasking A Sophisticated Ongoing NFT Airdrop Scam - Sophisticated Scam Targeting Token Holders: Over 100 popular projects' token holders targeted with fake NFT airdrops appearing from reputable sources. Multi-Stage Deception Uncovered: The ongoing Scam involves enticing victims to fraudulent websites ...
8 months ago Blog.checkpoint.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
8 months ago Helpnetsecurity.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
8 months ago Gbhackers.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
1 year ago Trendmicro.com
USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data - A new USPS Delivery Phishing Scam has surfaced, in which scammers are exploiting Freemium Dynamic DNS and SaaS Providers to steal victims' login credentials and other data. Cybersecurity researchers at Bloster AI have uncovered a new USPS Delivery ...
10 months ago Hackread.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
5 months ago Hackread.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
7 months ago Cyberdefensemagazine.com
Multiple NFT collections at risk by flaw in open-source library - A vulnerability in an open-source library that is common across the Web3 space impacts the security of pre-built smart contracts, affecting multiple NFT collections, including Coinbase. The disclosure came earlier today from Web3 development platform ...
10 months ago Bleepingcomputer.com
Watch out for "I can't believe he is gone" Facebook phishing posts - This phishing attack is ongoing and widely spread on Facebook through friend's hacked accounts, as the threat actors build a massive army of stolen accounts for use in further scams on the social media platform. As the posts come from your friends' ...
8 months ago Bleepingcomputer.com
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
7 months ago Darkreading.com
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
4 months ago Hackread.com
Crypto drainer steals $59 million from 63k people in Twitter ad push - Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months. According to blockchain threat analysts at ScamSniffer, they ...
9 months ago Bleepingcomputer.com
Telegram is a Wide-Open Marketplace for Phishing Tools - The encrypted messaging app Telegram has become a veritable marketplace for bad actors who want to launch effective phishing campaigns on the cheap, essentially democratizing the cyberthreat, according to researchers at cybersecurity firm Guardio. ...
8 months ago Securityboulevard.com
"Quishing" you a Happy Holiday Season - QR Code phishing scams - What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. Quishing, or QR Code phishing, exploits smartphone users scanning the 2D barcode, ...
9 months ago Netcraft.com
4500+ WordPress Sites Hacked with a Monero Cryptojacking Campaign - Security researchers recently reported the discovery of a massive Monero hacking campaign targeted at WordPress sites. According to reports, more than 4500 WordPress sites were compromised with a malicious cryptocurrency-mining campaign. The hackers ...
1 year ago Thehackernews.com
Splunk: AI isn't making spear phishing more effective - Despite increased concerns, AI tools won't give adversaries an advantage when it comes to sending effective phishing emails, according to new research by Splunk's Surge security research team. In a blog post Thursday, Tamara Chacon, security ...
9 months ago Techtarget.com
Police takes down BulletProftLink large-scale phishing provider - The notorious BulletProftLink phishing-as-a-service platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced. The operation started in 2015 but came to researchers' radar later and became more ...
10 months ago Bleepingcomputer.com
5 Common Phishing Vectors and Examples - Phishing attacks can be executed through various means, such as SMS and phone calls, but the most prevalent method involves sending victims emails containing malicious attachments. Let's take a closer look at these types and examine examples of ...
4 months ago Cybersecuritynews.com
Telegram Emerges as Hub for Cybercrime, Phishing Attacks as Cheap as $230 - Cybersecurity experts raise alarms as Telegram becomes a hotspot for cybercrime, fueling the rise of phishing attacks. In a recent development, cybersecurity researchers shed light on the democratization of the phishing landscape, courtesy of ...
8 months ago Cysecurity.news
WordPress hosting service Kinsta targeted by Google phishing ads - WordPress hosting provider Kinsta is warning customers that Google ads have been observed promoting phishing sites to steal hosting credentials. Kinsta says the phishing attacks aim to steal login credentials for MyKinsta, a key service the company ...
9 months ago Bleepingcomputer.com
Hackers Stolen Over $58 Million Crypto Via Malicious Google Ads - Threat actors targeting crypto wallets for illicit transactions have been in practice for quite some time. Threat actors have been using Wallet Drainers for such cybercrime activities, which have seen great success in recent years. Several techniques ...
9 months ago Gbhackers.com
New phishing attack steals your Instagram backup codes to bypass 2FA - A new phishing campaign pretending to be a 'copyright infringement' email attempts to steal the backup codes of Instagram users, allowing hackers to bypass the two-factor authentication configured on the account. Two-factor authentication is a ...
9 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)