If an NFT project seems too good to be true, it most likely is. Projects that have been pumped up through social media or by paid influencers, but which aren’t backed by a solid roadmap (or an overpromising one) can often be a ‘rug pull’—where its creators tend to cash out after minting and disappear.

Founder of blue-chip collection ‘Azuki’ has recently landed into a rug pull scandal after admitting to profit from past failed projects, prompting holders to pull out and causing prices to plummet. Make sure the creators have been ‘doxxed’, meaning the team is publicly identified and is credible from past experiences.

An airdrop is when NFTs are sent out for free as part of a marketing strategy, in hopes of boosting engagement and promotion. While freebies are great, some airdrops can be sent with malicious intent. Once your wallet address is made public, anyone can interact with your account and send NFTs without your acknowledgment. Never interact with sudden airdrops to avoid authorizing contract approvals, as this may enable a scammer draining your wallet. 

Granted the best thing about Web3 and NFTs are the community, but when getting involved, be vigilant when interacting with strangers. Disable direct messaging on Discord to avoid scams. Legitimate messages are often broadcasted through official channels and administrators will almost never directly reach out, nor ask for your seed phrase (master password).  

If you plan to offload your NFT peer-to-peer instead of on secondary marketplaces such as OpenSea and LooksRare, make sure the marketplace is authentic, as cases of stolen NFTs during a trade have been prevalent. Only transact with people you trust and do not share screen with strangers as this can expose your wallet QR code.

Stick to the rule of thumb and never share or reuse passwords. A seed phrase consisting of a series of words are assigned to each software wallet during set-up to recover access. Ironically, the best way to safeguard your cryptocurrency password is to revert back to the analogue way, by writing down your password on paper—as long as you don’t lose it. It is also advisable to activate two-factor authentication (2FA) as an extra layer of protection instead of just username and password.

It’s time to shop for a new wallet, but a metal one. Similar to a USB drive, a hardware wallet (also known as a cold wallet) can securely store your cryptocurrency private keys and NFTs. The device is disconnected from the internet with no connectivity purposes and is protected by a PIN. The dual-layer security requires physical access to the device, making it immune to malware.

The origin and ownership of an NFT can be traced by its metadata and transaction history. However, blue-chip projects have been attracting counterfeit collections being released and resold, rendering their value to be worthless. A fake NFT can be detected by doing a reverse image search to verify the collection and artist and to judge by its listed price. Also make sure to purchase from trusted marketplaces to ensure the seller’s credibility