With the popularity of Non-Fungible Tokens (NFTs), NFTs have become a new target of phishing attacks, posing a significant threat to the NFT trading ecosystem. There has been growing anecdotal evidence that new means of NFT phishing attacks have emerged in the Ethereum ecosystem. Most existing research focuses on detecting phishing scam accounts for native cryptocurrency on the blockchain, but there is a lack of research on phishing attacks against emerging NFTs. Although a few studies have recently started to focus on the analysis and detection of NFT phishing attacks, the means of NFT phishing attack are diverse, and little has been done to understand these various types of attack. To the best of our knowledge, we are the first to conduct a retrospective case analysis and measurement study of real-world historical NFT phishing attacks on Ethereum. By manually analyzing the existing scams reported by Chainabuse, we classify NFT phishing attacks into four patterns. For each pattern, we further investigate its tricks and working principles. Based on 469 NFT phishing accounts collected up until October 2022 from multiple channels, we perform a measurement study of on-chain transaction data crawled from Etherscan to characterize NFT phishing scams by analyzing the modus operandi and preferences of NFT phishing scammers, as well as the economic impact and whereabouts of stolen NFTs. We classify NFT phishing transactions into one of the four patterns by log parsing and transaction record parsing. We find that these phishing accounts stole 19,514 NFTs for a total profit of 8,858.431 ETH (around 18.57 million dollars). We also observe that scammers have remained highly active over the last two years and favor certain categories and series of NFTs, accompanied by signs of gang theft.