METAVERSE SCAMS - An Italian saying reads: "made the rule made the scammer". And it seems that this idiom applies well to the still little-known world of the decentralized web. A place that at the height of its expression becomes invisible and impenetrable for scammers, but that today is still subject to the danger of scams by expert hackers, who use techniques already experienced on the web or who invent new ones. They range from well-known phishing and identity theft, to NFT forgery. Let’s see what are the most common metaverse scams
"While technological advances create exciting new opportunities for many businesses, scammers are already trying to capitalize on the hype associated with metaverse and NFT.
They are developing high-tech stratagems to create a facade of legitimacy and deceive victims, while playing on their emotions by falsely promising profitable profitability, Guaranteed income, financial security and the unique opportunity to become metaverse millionaires. We are discovering an increasing number of suspicious solicitations for unrecorded shares related to the metaverse".
This is what we read in the press release issued by the 5 regulators of Alabama, Kentucky, New Jersey, Texas and Wisconsin about a scam implemented on the Metaverse of Decentralizland under the name of the famous Flamingo Casino Club. In this case it investigates a casino that would be selling tickets to follow a virtual concert by rapper Snoop Dogg or would allow to buy land near his home in the Metaverse. But once you buy and pay in cryptocurrencies, buyers will find that these things are nonexistent even in the virtual world.
The suspicion also comes from the fact that the Flamingo Casino Club is "using a bogus office address, - reads the statement - providing a phone number that is not in service, hiding its actual physical location and hiding material information about its main".
"I think it is premature to talk about applicable technical solutions, as there is still no true unified metaverse," explains Lorenzo Asuni, Chief Marketing Officer of the Italian cybersecurity company Ermes. "What we can do today is identify the typical trends of a new technology that could exploit the ingenuity and lack of attention of users. There are no defenses at the moment, except education and good personal practices".
One of the most popular scams is the one about buying and selling NFT, as in the case of the Flamingo Casino Club, which actually do not exist or are fake. This is the most common scam and happens by taking an image, a photo, an invitation to an event or anything else that is then copied to create a fake NFT. This is then sold by a profile that looks credited - but is not. The scam is difficult to find out and when it happens, in most cases, the cryptocurrency transaction has already happened and you can no longer be compensated.
Among the old and well-known scams is phishing, a purely digital scam that is mainly implemented through misleading emails. Through an email, only apparently coming from accredited institutions (banks, webmail, e-commerce of well-known and reliable brands, etc.) you receive a message inviting, reporting problems of registration or other nature, to provide their confidential service access data.
Usually in the message, to falsely reassure the user, is indicated a link (link) that refers only apparently to the website of the credit institution or service to which you are registered. In fact, the site to which you connect was artfully set up identical to the original. If you enter your confidential data, it will be available to criminals.
It falls into the category of phishing but is aimed at obtaining the data of celebrities, politicians, sportsmen with large following, influencers, youtuber to access their private information and steal his identity. This way you can, at best, make them believe you are them to sponsor products on behalf of that character. The purpose can also be to empty his bank account and his wallet in the Metaverse, access other sensitive information, possible slanderous destinations so that they can be used as blackmail.
Everything that we have seen should be avoided if it comes down to the final form of Web3, which is to be decentralized. The purpose is to ensure that the user can be able to repossess their information and data entered in the network. This would be guaranteed by the use of the blockchain.
Any content placed on the web, from an identity, to a website or anything else that makes its access to the network will be automatically managed within a blockchain block. This technology will in turn be hosted inside personal "wallets" accessible only through special security keys, which make impenetrable and inaccessible the data that have been entered. This means that only the owner of the information - and in some cases neither - is able to access it and make changes or delete it.
Moreover, with the use of NFT and cryptocurrencies there is also a decentralization of monetization, which would no longer pass from regulatory bodies.
However, these characteristics are still a utopia, because, despite the many years of development, they have not yet reached the maximum of their potential and therefore are subject to risks.
Viola Meacci, student of Biomedical Engineering at the University of Pisa, has always been interested in the world of journalism. In her job, she explored the world of blockchain, cryptocurrencies, NFT and metaverse which she now very is passionate about it .