As non-fungible tokens (NFTs) attract more users, they also attract the eyes of scammers. Web3 bad actors have set their sights on digital collectibles, where millions have been lost through various scams and attacks.

However, according to professionals working in the Web3 space, there are multiple ways and tools to prevent becoming a victim of NFT theft. In addition, users can also take various actions after losing their digital holdings due to hackers.

Ronghui Gu, co-founder and CEO of blockchain security firm CertiK, told Cointelegraph that the first and most important step is always due diligence. “Avoid clicking on suspicious links and be very careful when signing token approvals,” Gu shared.

Taking it a step further, the CEO shared other best practices such as periodic scanning, revoking unnecessary permissions, and segregating NFTs into different wallets according to their purpose. He also explained that:

“Long-term custody should be held in a secure wallet that interacts with little, if any, application. Hardware wallets have a somewhat steep learning curve, but the time investment is worth it.”
When asked about what can be done once assets are lost, Gu said it’s unfortunate, but “there’s not much” users can do to recover assets. However, NFT marketplaces can blacklist NFTs so that they can no longer be traded. “Raising awareness of common scams is an ongoing effort. Educating users about the safest ways to transact and how they can reduce their risk is the first step.”

While hardware wallets may be a great solution, Michael Pearce, CEO of Web3 security firm NotCommon, said there are still risks involved. He explained that:

“People should buy hardware directly from the manufacturer to reduce any chance of tampering with the wallet before the person receives it.”
Meanwhile, if the scam or attack did indeed occur, Pearce recommended that victims report it to databases such as NotCommon to “help keep others safe and identify the scammer.” If the potential losses were significant, the executive urged the victims to take legal action if possible.

Crashproof Cryptocurrency Trading for Anyone Sick and Tired of Waiting for Bitcoin >>>
Mohamed Issa, chief strategist at data firm Chainalysis, also shared some thoughts on the matter. According to Issa, as NFTs have become one of the fastest growing areas in crypto, they have become a “favorite target for hackers.” He explained that:

“NFT transactions create a new challenge for cryptocurrency investigation since decentralized protocols are much more complex and much more difficult to track than traditional centralized services.”
Issa also told Cointelegraph about the importance of being proactive when falling victim to theft. While it is very important to report scams and hacks to law enforcement, it is believed that NFT holders can protect their investments by using tools such as Storyline, an analytics software created by their company.

Stolen NFT movement tracking tool. Source: Chainalysis
Issa believes the tool can enable users to assist investigators after they have been hacked and help them focus on the most important transactions and funds.

Related: New NFT private auction scam threatens OpenSea users

Alvin Kahn, Director of Growth Operations at BNB Chain, also shared that users can use tools like — a way to check wallet status and revoke approvals — and browser extensions that provide risk warnings before contracts are signed.

Within the BNB chain ecosystem, Kan told Cointelegraph there are efforts from the community to provide more security tools for NFTs. The executive talked about an NFT authenticity-finding tool called GoPlus and other on-chain initiatives like DappBay’s Red Alarm and AvengerDAO, which Kan believes help users stay one step ahead of scammers. He explained that:

“These tools, with the contribution of ecosystem projects, assess project risk levels in real time and alert users of potentially risky DApps so that users do not interact with malicious DApps and contracts.”
After becoming a victim of a hack or scam, Kahn explained that it was important to gain access to the NFT markets. When all else fails, the executive said burning the code may be a last resort. Reaching out to the NFT project and asking them to burn the affected or stolen token may be the ultimate solution.