Recognizing and avoiding phishing sites like the fake OpenSea webpages
Written by Tomas Meskauskas on (updated)
What is the "OpenSea" scam?
The "OpenSea" scam refers to phishing sites disguised as the OpenSea online NFT (Non-Fungible Token) marketplace. The goal of this scheme is to extract users' cryptowallet log-in credentials and subsequently gain access/control over the wallets.
The address of the scam website our researchers have studied is close to OpenSea's; hence, we cannot exclude the possibility of users accessing it by mistyping the URL.
"OpenSea" scam overview
The genuine OpenSea platform can be accessed by connecting it with a digital wallet. When our researchers accessed the fake webpage, they noted that it also mimicked this feature. Additionally, it bore a striking resemblance to the legitimate NFT marketplace.
The scam site offered access via Coinbase, WalletConnect, Fortmatic, and other wallets. Selecting any option and entering the wallet's log-in credentials (e.g., passphrases, private keys, etc.) will not connect it with OpenSea; instead, this data will be recorded and sent to the scammers behind the fraudulent page.
With this information in their possession, the cyber criminals can gain access to the compromised wallets and control over the funds stored therein.
|Name||OpenSea scam website|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Disguise||Scam page is disguised as the OpenSea website|
|Related Domains||opensae[.]help, open-soa[.]com, openseaco[.]com|
|Detection Names (opensae[.]help)||N/A (VirusTotal)|
|Distribution methods||Compromised websites, rogue online pop-up ads, potentially unwanted applications.|
|Damage||Loss of sensitive private information, monetary loss, identity theft, possible malware infections.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Combo Cleaner.
Cryptocurrency-centered scam examples
We have researched many cryptocurrency-themed scams. "Coinbase scam", "Solflare scam", "MetaMask Holders Rewards" - are a few those resembling this "OpenSea" scheme, and "NASA ETH and BTC Giveaway", "Ripple Giveaway", "LiteCoin Giveaway" - a couple examples of fake cryptocurrency giveaways.
Users should note that scammer interest in digital currencies has increased in response to their rise in popularity. Therefore, we advise exercising caution and vigilance.
How did I open a scam website?
Our research team discovered the fake "OpenSea" webpage when researching sites employing rogue advertising networks. However, scam pages can be encountered variously.
Considering the closeness of the analyzed site's URL to the legitimate OpenSea website's address - it is possible that users may access the scam by mistyping the URL. Deceptive browser notifications/ intrusive advertisements also promote such sites, as do the ads delivered by adware. Furthermore, some types of adware can force a browser to open suspicious/malicious websites randomly.
How to avoid visiting scam websites?
Rogue advertising-network-supported sites are known to push scams; hence, we advise against visiting/using them. Torrent, illegal streaming and downloading websites are known to use these networks for monetization purposes. Therefore, you should avoid accessing webpages that offer illegal or questionable services/content.
Additionally, notification requests from dubious sites should be ignored or declined (e.g., "Block", "Block Notifications", etc.), since these notifications are commonly used to promote scams.
Adware can also be responsible for placing scam-endorsing ads and/or causing redirects to such pages. Therefore, our researchers emphasize the importance of downloading only from official/verified sources and carefully approaching installations (e.g., exploring options, using "Custom/Advanced" settings, opting-out from supplements, etc.) - to avoid installing adware and other malicious software.
It is crucial to have a reputable anti-virus installed and kept up-to-date. Security programs have to be used to perform regular system scans and to remove detected threats. If your computer is already infected, we recommend running a scan with Combo Cleaner Antivirus for Windows to automatically eliminate all threats.
Text presented in the "OpenSea" scam:
Discover, collect, and sell extraordinary NFTs
OpenSea is the world's first and largest NFT marketplace
Learn more about OpenSea
Create and sell your NFTs
Once you’ve set up your wallet of choice, connect it to OpenSea by clicking the wallet icon in the top right corner. Learn about the wallets we support.
Click My Collections and set up your collection. Add social links, a description, profile & banner images, and set a secondary sales fee.
Upload your work (image, video, audio, or 3D art), add a title and description, and customize your NFTs with properties, stats, and unlockable content.
Choose between auctions, fixed-price listings, and declining-price listings. You choose how you want to sell your NFTs, and we help you sell them!
The NFT marketplace with everything for everyone
Fiat on-ramp and profile customization is coming soon.
The appearance of "OpenSea" pop-up scam (GIF):
Another example of OpenSea pop-up scam:
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is OpenSea scam website?
- How to identify a pop-up scam?
- How do pop-up scams work?
- How to remove fake pop-ups?
- How to prevent fake pop-ups?
- What to do if you fell for a pop-up scam?
How to identify a pop-up scam?
Pop-up windows with various fake messages are a common type of lures cybercriminals use. They collect sensitive personal data, trick Internet users into calling fake tech support numbers, subscribe to useless online services, invest in shady cryptocurrency schemes, etc.
While in the majority of cases these pop-ups don't infect users' devices with malware, they can cause direct monetary loss or could result in identity theft.
Cybercriminals strive to create their rogue pop-up windows to look trustworthy, however, scams typically have the following characteristics:
- Spelling mistakes and non-professional images - Closely inspect the information displayed in a pop-up. Spelling mistakes and unprofessional images could be a sign of a scam.
- Sense of urgency - Countdown timer with a couple of minutes on it, asking you to enter your personal information or subscribe to some online service.
- Statements that you won something - If you haven't participated in a lottery, online competition, etc., and you see a pop-up window stating that you won.
- Computer or mobile device scan - A pop-up window that scans your device and informs of detected issues - is undoubtedly a scam; webpages cannot perform such actions.
- Exclusivity - Pop-up windows stating that only you are given secret access to a financial scheme that can quickly make you rich.
Example of a pop-up scam:
How do pop-up scams work?
Cybercriminals and deceptive marketers usually use various advertising networks, search engine poisoning techniques, and shady websites to generate traffic to their pop-ups. Users land on their online lures after clicking on fake download buttons, using a torrent website, or simply clicking on an Internet search engine result.
Based on users' location and device information, they are presented with a scam pop-up. Lures presented in such pop-ups range from get-rich-quick schemes to fake virus scans.
How to remove fake pop-ups?
In most cases, pop-up scams do not infect users' devices with malware. If you encountered a scam pop-up, simply closing it should be enough. In some cases scam, pop-ups may be hard to close; in such cases - close your Internet browser and restart it.
In extremely rare cases, you might need to reset your Internet browser. For this, use our instructions explaining how to reset Internet browser settings.
How to prevent fake pop-ups?
To prevent seeing pop-up scams, you should visit only reputable websites. Torrent, Crack, free online movie streaming, YouTube video download, and other websites of similar reputation commonly redirect Internet users to pop-up scams.
To minimize the risk of encountering pop-up scams, you should keep your Internet browsers up-to-date and use reputable anti-malware application. For this purpose, we recommend Combo Cleaner Antivirus for Windows.
What to do if you fell for a pop-up scam?
This depends on the type of scam that you fell for. Most commonly, pop-up scams try to trick users into sending money, giving away personal information, or giving access to one's device.
- If you sent money to scammers: You should contact your financial institution and explain that you were scammed. If informed promptly, there's a chance to get your money back.
- If you gave away your personal information: You should change your passwords and enable two-factor authentication in all online services that you use. Visit Federal Trade Commission to report identity theft and get personalized recovery steps.
- If you let scammers connect to your device: You should scan your computer with reputable anti-malware (we recommend Combo Cleaner Antivirus for Windows) - cyber criminals could have planted trojans, keyloggers, and other malware, don't use your computer until removing possible threats.
- Help other Internet users: report Internet scams to Federal Trade Commission.
Frequently Asked Questions (FAQ)
What is a pop-up scam?
Online (including fake pop-up) scams are deceptive messages intended to trick users into performing specific actions. For example, this content can lure/scare victims into disclosing private/sensitive information, transferring money/cryptocurrencies, downloading/installing and/or purchasing software, and so forth.
What is the purpose of online scams?
All scams aim to generate revenue. Online scams can achieve this by acquiring funds through deception, abusing or selling vulnerable data, promoting (likely untrustworthy/dangerous) software, proliferating malware, etc.
I have provided my personal information when tricked by a scam, what should I do?
If you have provided log-in credentials - immediately change them (i.e., passwords, passphrases, etc.) on all potentially compromised accounts and contact their official support. If you've disclosed other personal information (e.g., ID card details, credit card numbers, etc.) - contact the corresponding authorities without delay.
Why do I encounter online scams?
Online scams are promoted on deceptive pages that users typically enter inadvertently. These sites can be accessed through mistyped URLs or redirects caused by webpages using rogue advertising networks, spam browser notifications/ intrusive adverts, or installed adware.
Will Combo Cleaner protect me from online scams?
Combo Cleaner is capable of scanning visited sites and detecting deceptive/malicious ones. Additionally, it can restrict all further access to such websites.
▼ Show Discussion