As non-fungible tokens (NFTs) become increasingly popular and valuable, related scams are also on the rise. Since these scams utilize domain names and websites, WhoisXML API examined the registration of NFT-related domain names, fortifying our findings with WHOIS and IP intelligence. Our analysis revealed:
- 34,000+ domains registered over time as of 17 January 2022 containing the text strings “nft” + mint,” “opensea,” “metamask,” “axie,” “nifty,” and “theta”
- 2,000+ NRDs containing the text strings “nft” + “mint,” “opensea,” “metamask,” “axie,” “nifty,” and “theta” registered between 17 December 2021 and 17 January 2022
- 32,000+ subdomains registered as of 17 January 2022 containing the text strings “nft” + “mint,” “opensea,” “metamask,” “axie,” “nifty,” and “theta”
- 1,400+ subdomains containing the text strings “nft” + “mint,” “opensea,” “metamask,” “axie,” “nifty,” and “theta” added between 17 December 2021 and 17 January 2022
- 3,000+ IP resolutions of the 2,200+ NRDs, pointing to 1,800+ unique IP addresses
- 200+ possibly cybersquatting domains, along with their WHOIS records, using the text string “nft” along with famous brand names, specifically “paypal,” “adidas,” “jpmorgan,” “apple,” “cocacola,” “mcdonald,” “nike,” “walmart,” “google,” and “rolex”
Download the threat research materials containing the data related to potential NFT scams.